(imported comment written by Matt.Johnson)
Thanks Noah. I did that now and found that it’s just easier to use DOS commands to do this. A simple MKDIR and then COPY works. However, now I run in to a key isue. Bigfix operates under the SYSTEM account. Which, in our envoriment doesn’t have the ability to isssues commands to the MANAGE-BDE task of Bitlocker. So I am left wondering how to specify credentials to run the Batch file under.
While I have been vauge, let me detail out my issue, steps i’m taking, and desired result. This may help understand my struggle
We are using Bitlocker Drive Encryption. As a result of an update some devices suspended their bitlocker protection. A simple solution is sending the CMD Manage-BDE.exe --on c: (exnteded: c:\windows\system32\manage-bde.exe -on c:) - This resumes the protection.
Here are my hurdles:
- I need to issue this command on the local device.
- I need it to run with local admin rights (I can supply pre-set credentials) - otherwise it will fail
*NOTE I have seen many people post about how the SYSTEM account has rights to do this, they don’t
I’m starting to think SCCM might have been the best way to do this as oppsed to the hours I have put in to attempt to compile what would seem to be an easy task.
Can anyone please tell me, in a very granular level, how to do this?
Thanks