mLipok Posted July 23, 2018 Posted July 23, 2018 (edited) I have a question to this members who uses TPM (Trusted Platform Module) + BitLocker on Windows10 Pro in their work. I want to ask if using TPM on your PC did you encounter any problems, and if computer slow down ? Other question is: How to check using Autoit - if Computer uses BitLocker on desired partition. EDIT: Answering please provide information about specyfic PC configuration. EDIT2: I just found: .... but the question about speed / slowing down is still valid. Edited July 23, 2018 by mLipok Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
Developers Jos Posted July 25, 2018 Developers Posted July 25, 2018 We rolled out bitocker on some 4000+ laptops a couple of years ago and I wrote this vbs to list the rollout status which is displayed in xml used by the inventory package we used at the time: Const ForAppending = 8 Const SetPres = 10 const HKEY_LOCAL_MACHINE = &H80000002 const REG_SZ = 1 const REG_EXPAND_SZ = 2 const REG_BINARY = 3 const REG_DWORD = 4 const REG_MULTI_SZ = 7 Dim bIsEnabled,bIsActivated,bIsOwned,bIsOwnershipAllowed,objTPM,objLog,TakeOwnership,Enable,objEnVol,strStatusTPM,strStatusBDE,strStatusTPMState Dim objGPPT,strOwnerPassword,strPassword,objWMIBDE,nProtStatus,ProtectVar,objOSSysDriv,objSWbemServices,objOS,coloperatingsystem,sProtID,strOldOwnerPassword Dim argProtect,argRK,argEM,argSMS,argLOG,argRO,argPrompt,strCurrentUser,argValid,i,strPIN,objRemovableDrive,strStatusCode,strStatusData,MIF,strEKP,strEK Dim ActiveDirectoryBackup,ActiveDirectoryInfoToStore,RequireActiveDirectoryBackup,EncryptionMethod,BackupMandatory,strStartDate,strStartTime,strRetry,strPolicy DIM TPM_Enabled, TMP_err, Drive_St, lDriveType '~ on error resume next DIM tpmst,encst, systempart, part_details tpmst = ConnectTPMProv() encst = DriveEncryted() systempart = "" part_details = "" getsystempart systempart, part_details writeXML "C:",tpmst&encst,"",systempart,part_details WScript.sleep(1000) WScript.Quit(0) Function ConnectTPMProv() on error resume next strConnectionStr1 = "winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftTpm" TPM_Enabled = 0 Encryption_status = 0 TMP_err = 0 err.clear Set objWMITPM = GetObject(strConnectionStr1) If Err.Number <> 0 Then '~ Wscript.Echo "ERROR - Failed to connect to the MicrosoftTPM provider." TPM_Enabled = 9 Else '~ Wscript.Echo "Connection succeeded to MicrosoftTPM" ' There should either be 0 or 1 instance of the TPM provider class Set colTpm = objWMITPM.InstancesOf("Win32_Tpm") If colTpm.Count = 0 Then '~ Wscript.Echo "ERROR - Failed get a TPM instance in the provider class. Script is exiting..." Else 'Get a single instance of the TPM provider class Set objTpm = objWMITPM.Get("Win32_Tpm=@") If Err.Number <> 0 Then '~ Wscript.Echo "ERROR - Failed get a TPM instance in the provider class. Script is exiting...(Error: " & Err.Number & ")" Else TPM_Enabled = 1 '~ Wscript.Echo "Successfully retrieved a TPM instance from the Win32_TPM provider class" GetTPMStatus() 'Get the current status of the TPM to determine action '~ Wscript.Echo "bIsEnabled:" & bIsEnabled & "bIsActivated:" & bIsActivated & " bIsOwned:" & bIsOwned 'The following If statements cause the script to react differently depending on the TPM state If bIsEnabled = "True" and bIsActivated = "True" and bIsOwned = "True" Then '~ Wscript.Echo "TPM is in a ready state to enable BitLocker." TPM_Enabled = 6 ElseIf bIsEnabled = "True" and bIsActivated = "True" and bIsOwned = "False" Then '~ Wscript.Echo "TPM ownership is not taken." TPM_Enabled = 5 ElseIf bIsEnabled = "True" and bIsActivated = "False" and bIsOwned = "False" Then '~ Wscript.Echo "TPM is turned on but not activated.." TPM_Enabled = 4 ElseIf bIsEnabled = "False" And bIsActivated = "False" and bIsOwned = "False" Then '~ Wscript.Echo "TPM is not turned on.." TPM_Enabled = 3 ElseIf bIsEnabled = "False" and bIsActivated = "True" and bIsOwned = "True" Then '~ Wscript.Echo "TPM is not enabled" TPM_Enabled = 2 End If End If End If end if Err.Clear ConnectTPMProv = TPM_Enabled return 1 ' End Function function DriveEncryted() on error resume next Dim systempart, part_details,strDrive,strProtectionStatus,strVolumeId, encsts encsts = 0 ' Check whether the C: drive is encrypted ' WMI connection to Win32_EncryptableVolume, note that this will be only available on devices where BitLocker is enabled '~ Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2\Security\MicrosoftVolumeEncryption") Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftVolumeEncryption") ' If Err.Number <> 0 Then '~ Wscript.Echo "ERROR - Failed to connect to the MicrosoftVolumeEncryption provider." encsts = 9 else Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume ",,48) For Each objItem in colItems teller = teller + 1 strProtectionStatus = objItem.ProtectionStatus strDrive = objItem.DriveLetter strVolumeId = objItem.PersistentVolumeID '~ Numeric value that corresponds to the type of disk drive this logical disk represents. '~ Unknown (0) '~ No Root Directory(1) '~ Removable Disk(2) '~ Local Disk(3) '~ Network Drive(4) '~ Compact Disc (5) '~ RAM Disk (6) if GetDriveType(strDrive) = 3 then '~ Wscript.Echo "strProtectionStatus " & strProtectionStatus GetVolName(strDrive) '~ WScript.Echo "2.systempart : " & systempart '~ WScript.Echo "2.part_details: " & part_details if strProtectionStatus = "1" then encsts = 1 end if end if Next if teller = 0 then encsts = 9 end if end if DriveEncryted=encsts return End Function Function GetDriveType(DriveLetter) '~ Wscript.Echo "### Get Disk DriveType for " & DriveLetter '~ Enumerating Logical Disk Drive Properties strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colDisks = objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For each objDisk in colDisks if objDisk.DeviceID = DriveLetter then GetDriveType = objDisk.DriveType '~ Wscript.Echo "DeviceID: " & DriveLetter & " DriveType:" & GetDriveType Exit Function end if Next '~ Wscript.Echo "! DeviceID: " & DriveLetter& " DriveType not found." End Function Function GetVolName(DriveLetter) '~ Wscript.Echo "### Get Disk DriveType for " & DriveLetter '~ Enumerating Logical Disk Drive Properties strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colDisks = objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For each objDisk in colDisks if objDisk.DeviceID = DriveLetter then GetVolName = objDisk.VolumeName '~ Wscript.Echo "DeviceID: " & DriveLetter & " info:" & GetVolName Exit Function end if Next '~ Wscript.Echo "! DeviceID: " & DriveLetter& " DriveType not found." End Function Function ProtectStatus (strProtectionStatus) Select Case strProtectionStatus Case 0 ProtectStatus = "OFF" Case 1 ProtectStatus = "ON" Case 2 ProtectStatus = "Unk" End Select End Function Function GetTPMStatus() on error resume next Err.Clear nRC = objTpm.IsEnabled(bIsEnabled) If nRC <> 0 Then '~ Wscript.Echo "ERROR - The method IsEnabled failed with return code 0x" & Hex(nRC) End If Err.Clear nRC = objTpm.IsActivated(bIsActivated) If nRC <> 0 Then '~ Wscript.Echo "ERROR - The method IsActivated failed with return code 0x" & Hex(nRC) End If Err.Clear nRC = objTpm.IsOwned(bIsOwned) If nRC <> 0 Then '~ Wscript.Echo "ERROR - The method IsOwned failed with return code 0x" & Hex(nRC) End If strStatusTPMState = "TPM found in the following state: Enabled - " & bIsEnabled & ", Activated - " & bIsActivated & ", Owned - " & bIsOwned End Function Sub getsystempart(systempart,part_details) strComputer = "." systempart = 7 part_details = "" Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colItems = objWMIService.ExecQuery("Select * from Win32_Volume") For Each objItem In colItems '~ WScript.Echo "Caption: " & objItem.Caption & " Label:" & objItem.Label & " Size:" & objItem.Capacity & " " & mid(objItem.Caption,2,1) part_details = part_details& "#" & objItem.Caption & "|" & objItem.Label & "|" & objItem.Capacity ' * Didn't work because some had "System" as Label '~ if objItem.Label = "System Reserved" then '~ systempart = 1 '~ end if ' if lcase(mid(objItem.Caption,2,2)) <> ":" and objItem.Capacity < 20000000000 then systempart = 1 end if Next '~ WScript.Echo "systempart : " & systempart '~ WScript.Echo "part_details: " & part_details End sub Sub writeXML(strDrive,TPM_Enabled,strVolumeId,Syspart,SyspartDet) Wscript.Echo "<SOFTWARES>" & vbCrLf & _ "<PUBLISHER>Staples Specific</PUBLISHER>" & vbCrLf & _ "<NAME>Bitlocker_Status</NAME>" & vbCrLf & _ "<VERSION>" & TPM_Enabled & "</VERSION>" & vbCrLf & _ "<FOLDER>" & strDrive & "/</FOLDER>" & vbCrLf & _ "<COMMENTS>" & SyspartDet & "</COMMENTS>" & vbCrLf & _ "<FILENAME>" & strVolumeId &"</FILENAME>" & vbCrLf & _ "<FILESIZE>" & Syspart & "</FILESIZE>" & vbCrLf & _ "<GUID />" & vbCrLf & _ "<LANGUAGE />" & vbCrLf & _ "<INSTALLDATE>2016-05-02 10:30:00</INSTALLDATE>" & vbCrLf & _ "<BITSWIDTH>0</BITSWIDTH>" & vbCrLf & _ "<SOURCE>1</SOURCE>" & vbCrLf & _ "</SOFTWARES>" End Sub ' We had no issues with performance. Jos mLipok 1 SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
mLipok Posted July 25, 2018 Author Posted July 25, 2018 Thanks. I will back to this after my vacation which I start quite soon. Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
mLipok Posted August 31, 2018 Author Posted August 31, 2018 Here is quick convertion: expandcollapse popup;~ https://www.autoitscript.com/forum/topic/194953-trusted-platform-module-bitlocker/? Const $iForAppending = 8 Const $iSetPres = 10 ;~ const $HKEY_LOCAL_MACHINE = &H80000002 Const $REG_SZ = 1 Const $REG_EXPAND_SZ = 2 Const $REG_BINARY = 3 Const $REG_DWORD = 4 Const $REG_MULTI_SZ = 7 Dim $__g_bIsEnabled, $__g_bIsActivated, $__g_bIsOwned, $__g_bIsOwnershipAllowed, $o_objTpm, $__g_objLog, $__g_TakeOwnership, $Enable, $__g_objEnVol, $__g_strStatusTPM, $__g_strStatusBDE, $__g_strStatusTPMState Dim $o_objGPPT, $s_strOwnerPassword, $s_strPassword, $objWMIBDE, $nProtStatus, $ProtectVar, $objOSSysDriv, $objSWbemServices, $objOS, $coloperatingsystem, $sProtID, $s_strOldOwnerPassword Dim $argProtect, $argRK, $argEM, $argSMS, $argLOG, $argRO, $argPrompt, $strCurrentUser, $argValid, $i, $strPIN, $objRemovableDrive, $strStatusCode, $strStatusData, $MIF, $strEKP, $strEK Dim $ActiveDirectoryBackup, $ActiveDirectoryInfoToStore, $RequireActiveDirectoryBackup, $EncryptionMethod, $BackupMandatory, $s_strStartDate, $s_strStartTime, $s_strRetry, $s_strPolicy Dim $i_TPM_Enabled, $i_TMP_err, $__g_Drive_St, $__g_lDriveType ;~ on error resume next Dim $_tpmst, $_encst, $systempart, $part_details $_tpmst = ConnectTPMProv() $_encst = DriveEncryted() $systempart = "" $part_details = "" getsystempart($systempart, $part_details) writeXML("C:", $_tpmst & $_encst, "", $systempart, $part_details) Sleep(1000) Exit Func ConnectTPMProv() ;~ on error resume next $s_strConnectionStr1 = "winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftTpm" $i_TPM_Enabled = 0 $i_Encryption_status = 0 $i_TMP_err = 0 ;~ err.clear Local $o_objWMITPM = ObjGet($s_strConnectionStr1) ;~ If Err.Number <> 0 Then If @error Then ;~ Wscript.Echo "ERROR - Failed to connect to the MicrosoftTPM provider." $i_TPM_Enabled = 9 Else ;~ Wscript.Echo "Connection succeeded to MicrosoftTPM" ; There should either be 0 or 1 instance of the TPM provider class Local $o_colTpm = $o_objWMITPM.InstancesOf("Win32_Tpm") If $o_colTpm.Count = 0 Then ;~ Wscript.Echo "ERROR - Failed get a TPM instance in the provider class. Script is exiting..." Else ; Get a single instance of the TPM provider class Local $o_objTpm = $o_objWMITPM.Get("Win32_Tpm=@") ;~ If Err.Number <> 0 Then If @error Then ;~ Wscript.Echo "ERROR - Failed get a TPM instance in the provider class. Script is exiting...(Error: " & Err.Number & ")" Else $i_TPM_Enabled = 1 ;~ Wscript.Echo "Successfully retrieved a TPM instance from the Win32_TPM provider class" GetTPMStatus() ; Get the current status of the TPM to determine action ;~ Wscript.Echo "$__g_bIsEnabled:" & $__g_bIsEnabled & "$__g_bIsActivated:" & $__g_bIsActivated & " $__g_bIsOwned:" & $__g_bIsOwned ; The following If statements cause the script to react differently depending on the TPM state If $__g_bIsEnabled = "True" And $__g_bIsActivated = "True" And $__g_bIsOwned = "True" Then ;~ Wscript.Echo "TPM is in a ready state to enable BitLocker." $i_TPM_Enabled = 6 ElseIf $__g_bIsEnabled = "True" And $__g_bIsActivated = "True" And $__g_bIsOwned = "False" Then ;~ Wscript.Echo "TPM ownership is not taken." $i_TPM_Enabled = 5 ElseIf $__g_bIsEnabled = "True" And $__g_bIsActivated = "False" And $__g_bIsOwned = "False" Then ;~ Wscript.Echo "TPM is turned on but not activated.." $i_TPM_Enabled = 4 ElseIf $__g_bIsEnabled = "False" And $__g_bIsActivated = "False" And $__g_bIsOwned = "False" Then ;~ Wscript.Echo "TPM is not turned on.." $i_TPM_Enabled = 3 ElseIf $__g_bIsEnabled = "False" And $__g_bIsActivated = "True" And $__g_bIsOwned = "True" Then ;~ Wscript.Echo "TPM is not enabled" $i_TPM_Enabled = 2 EndIf EndIf EndIf EndIf ;~ Err.Clear Return $i_TPM_Enabled EndFunc ;==>ConnectTPMProv Func DriveEncryted() ;~ on error resume next Dim $systempart, $part_details, $s_strDrive, $s_strProtectionStatus, $s_strVolumeId, $_encsts $_encsts = 0 ; Check whether the C: drive is encrypted ; WMI connection to Win32_EncryptableVolume, note that this will be only available on devices where BitLocker is enabled ;~ Local $o_objWMIService = ObjGet("winmgmts:\\.\root\CIMV2\Security\MicrosoftVolumeEncryption") Local $o_objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftVolumeEncryption") ;~ If Err.Number <> 0 Then If @error Then ;~ Wscript.Echo "ERROR - Failed to connect to the MicrosoftVolumeEncryption provider." $_encsts = 9 Else Local $o_colItems = $o_objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume ",0, 48) Local $i_teller For $o_objItem In $o_colItems $i_teller = $i_teller + 1 $s_strProtectionStatus = $o_objItem.ProtectionStatus $s_strDrive = $o_objItem.DriveLetter $s_strVolumeId = $o_objItem.PersistentVolumeID ;~ Numeric value that corresponds to the type of disk drive this logical disk represents. ;~ Unknown (0) ;~ No Root Directory(1) ;~ Removable Disk(2) ;~ Local Disk(3) ;~ Network Drive(4) ;~ Compact Disc (5) ;~ RAM Disk (6) If GetDriveType($s_strDrive) = 3 Then ;~ Wscript.Echo "$s_strProtectionStatus " & $s_strProtectionStatus GetVolName($s_strDrive) ;~ WScript.Echo "2.$systempart : " & $systempart ;~ WScript.Echo "2.$part_details: " & $part_details If $s_strProtectionStatus = "1" Then $_encsts = 1 EndIf EndIf Next If $i_teller = 0 Then $_encsts = 9 EndIf EndIf Return $_encsts EndFunc ;==>DriveEncryted Func GetDriveType($DriveLetter) ;~ Wscript.Echo "### Get Disk DriveType for " & $DriveLetter ;~ Enumerating Logical Disk Drive Properties $s_strComputer = "." Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colDisks = $o_objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For $o_objDisk In $o_colDisks If $o_objDisk.DeviceID = $DriveLetter Then GetDriveType = $o_objDisk.DriveType ;~ Wscript.Echo "DeviceID: " & $DriveLetter & " DriveType:" & GetDriveType Exit Function EndIf Next ;~ Wscript.Echo "! DeviceID: " & $DriveLetter& " DriveType not found." EndFunc ;==>GetDriveType Func GetVolName($DriveLetter) ;~ Wscript.Echo "### Get Disk DriveType for " & $DriveLetter ;~ Enumerating Logical Disk Drive Properties $s_strComputer = "." Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colDisks = $o_objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For $o_objDisk In $o_colDisks If $o_objDisk.DeviceID = $DriveLetter Then GetVolName = $o_objDisk.VolumeName ;~ Wscript.Echo "DeviceID: " & $DriveLetter & " info:" & GetVolName Exit Function EndIf Next ;~ Wscript.Echo "! DeviceID: " & $DriveLetter& " DriveType not found." EndFunc ;==>GetVolName Func ProtectStatus($s_strProtectionStatus) Select Case $s_strProtectionStatus = 0 ProtectStatus = "OFF" Case $s_strProtectionStatus = 1 ProtectStatus = "ON" Case $s_strProtectionStatus = 2 ProtectStatus = "Unk" EndSelect EndFunc ;==>ProtectStatus Func GetTPMStatus() ;~ on error resume next ;~ Err.Clear $i_nRC = $o_objTpm.IsEnabled($__g_bIsEnabled) If $i_nRC <> 0 Then ;~ Wscript.Echo "ERROR - The method IsEnabled failed with return code 0x" & Hex($i_nRC) EndIf ;~ Err.Clear $i_nRC = $o_objTpm.IsActivated($__g_bIsActivated) If $i_nRC <> 0 Then ;~ Wscript.Echo "ERROR - The method IsActivated failed with return code 0x" & Hex($i_nRC) EndIf ;~ Err.Clear $i_nRC = $o_objTpm.IsOwned($__g_bIsOwned) If $i_nRC <> 0 Then ;~ Wscript.Echo "ERROR - The method IsOwned failed with return code 0x" & Hex($i_nRC) EndIf $__g_strStatusTPMState = "TPM found in the following state: Enabled - " & $__g_bIsEnabled & ", Activated - " & $__g_bIsActivated & ", Owned - " & $__g_bIsOwned EndFunc ;==>GetTPMStatus Func getsystempart($systempart, $part_details) $s_strComputer = "." $systempart = 7 $part_details = "" Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colItems = $o_objWMIService.ExecQuery("Select * from Win32_Volume") For $o_objItem In $o_colItems ;~ WScript.Echo "Caption: " & $o_objItem.Caption & " Label:" & $o_objItem.Label & " Size:" & $o_objItem.Capacity & " " & mid($o_objItem.Caption,2,1) $part_details = $part_details & "#" & $o_objItem.Caption & "|" & $o_objItem.Label & "|" & $o_objItem.Capacity ; * Didn't work because some had "System" as Label ;~ if $o_objItem.Label = "System Reserved" then ;~ $systempart = 1 ;~ EndIf ; If StringLower(StringMid($o_objItem.Caption, 2, 2)) <> ":" And $o_objItem.Capacity < 20000000000 Then $systempart = 1 EndIf Next ;~ WScript.Echo "$systempart : " & $systempart ;~ WScript.Echo "$part_details: " & $part_details EndFunc ;==>getsystempart Func writeXML($s_strDrive, $i_TPM_Enabled, $s_strVolumeId, $i_Syspart, $s_SyspartDet) MsgBox(0, '', _ "<SOFTWARES>" & @CRLF & _ "<PUBLISHER>Staples Specific</PUBLISHER>" & @CRLF & _ "<NAME>Bitlocker_Status</NAME>" & @CRLF & _ "<VERSION>" & $i_TPM_Enabled & "</VERSION>" & @CRLF & _ "<FOLDER>" & $s_strDrive & "/</FOLDER>" & @CRLF & _ "<COMMENTS>" & $s_SyspartDet & "</COMMENTS>" & @CRLF & _ "<FILENAME>" & $s_strVolumeId & "</FILENAME>" & @CRLF & _ "<FILESIZE>" & $i_Syspart & "</FILESIZE>" & @CRLF & _ "<GUID />" & @CRLF & _ "<LANGUAGE />" & @CRLF & _ "<INSTALLDATE>2016-05-02 10:30:00</INSTALLDATE>" & @CRLF & _ "<BITSWIDTH>0</BITSWIDTH>" & @CRLF & _ "<SOURCE>1</SOURCE>" & @CRLF & _ "</SOFTWARES>" _ ) EndFunc ;==>writeXML I'm wondering if, in this following line: Local $o_colItems = $o_objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume ",0, 48) parameter = 0 is a proper value ? Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
Moderators JLogan3o13 Posted September 4, 2018 Moderators Posted September 4, 2018 IIRC parameter 0 is the query language used (been a loong time since vbscript). If you don't leave as default (0), your only other option is "WQL". mLipok 1 "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
mLipok Posted January 31, 2019 Author Posted January 31, 2019 I have one other question. How bit locker works in this specific situation : I have encrypted SSD drive with my operating system and data. If MainBoard on this WorkStation crash .... Can I connect the same SSD drive to other computer and unlock this drive on this other computer? In other words: I want to know if encryption is related to specific WORKSTATION? If not .... can it be done in this way? Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
Developers Jos Posted January 31, 2019 Developers Posted January 31, 2019 (edited) IT sounds like you first need to do some homework before using bitlocker. Iam a bit rusty too but am pretty sure there is a recovery key generated, which we stored in the AD, but guess it all depends on how you roll bitlocker out. Either way you will need to save these recovery keys in the AD or somewhere else safe. Jos Edited January 31, 2019 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
mLipok Posted January 31, 2019 Author Posted January 31, 2019 (edited) Will this be not enough if I remember the password, on a case when my MainBoard crash? btw. I know that recovery key is also important to be saved, on case when I forget the password. Edited January 31, 2019 by mLipok Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
mLipok Posted January 31, 2019 Author Posted January 31, 2019 (edited) or another case, I hope simpler: Let's assume that I have pendrive encrytped with bitlocker. In case when I want to decrypt pendrive content on other WorkStation, what do I need to have/know (password or recovery key), ? 12 minutes ago, Jos said: IT sounds like you first need to do some homework before using bitlocker. yes..... Edited January 31, 2019 by mLipok Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
Moderators JLogan3o13 Posted January 31, 2019 Moderators Posted January 31, 2019 If you use Bitlocker on a thumb drive, you're using what is called "Bitlocker To Go", it is not dependent on TPM. When you encrypt the drive you are prompted for where to save your recovery key. When you insert the drive into a different machine you will be presented with a pop up asking for the password (key). Enter this successfully and you will have access to the files; lose it and you are SOL "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
mLipok Posted January 31, 2019 Author Posted January 31, 2019 So using TPM , the encrypted drive is related to the specific machine until I use RecoveryKey on other machines? Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
mLipok Posted March 4, 2021 Author Posted March 4, 2021 Refactored version: expandcollapse popup;~ https://www.autoitscript.com/forum/topic/194953-trusted-platform-module-bitlocker Const $iForAppending = 8 Const $iSetPres = 10 ;~ const $HKEY_LOCAL_MACHINE = &H80000002 Const $REG_SZ = 1 Const $REG_EXPAND_SZ = 2 Const $REG_BINARY = 3 Const $REG_DWORD = 4 Const $REG_MULTI_SZ = 7 Global $o_objTpm Global $__g_bIsEnabled, $__g_bIsActivated, $__g_bIsOwned, $__g_bIsOwnershipAllowed, $__g_objLog, $__g_TakeOwnership, $Enable, $__g_objEnVol, $__g_strStatusTPM, $__g_strStatusBDE, $__g_strStatusTPMState _Example() Exit Func _Example() ;~ Local $o_objGPPT, $s_strOwnerPassword, $s_strPassword, $objWMIBDE, $nProtStatus, $ProtectVar, $objOSSysDriv, $objSWbemServices, $objOS, $coloperatingsystem, $sProtID, $s_strOldOwnerPassword ;~ Local $argProtect, $argRK, $argEM, $argSMS, $argLOG, $argRO, $argPrompt, $strCurrentUser, $argValid, $i, $strPIN, $objRemovableDrive, $strStatusCode, $strStatusData, $MIF, $strEKP, $strEK ;~ Local $ActiveDirectoryBackup, $ActiveDirectoryInfoToStore, $RequireActiveDirectoryBackup, $EncryptionMethod, $BackupMandatory, $s_strStartDate, $s_strStartTime, $s_strRetry, $s_strPolicy ;~ Local $__g_Drive_St, $__g_lDriveType Local $_tpmst = ConnectTPMProv() Local $_encst = DriveEncryted() Local $systempart = "" Local $part_details = "" getsystempart($systempart, $part_details) writeXML("C:", $_tpmst & $_encst, "", $systempart, $part_details) Sleep(1000) EndFunc ;==>_Example Func ConnectTPMProv() Local $i_TPM_Enabled = 0 ;~ Local $i_Encryption_status = 0 ;~ Local $i_TMP_err = 0 Local $s_strConnectionStr1 = "winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftTpm" Local $o_objWMITPM = ObjGet($s_strConnectionStr1) If @error Then _ConsoleWrite("ERROR - Failed to connect to the MicrosoftTPM provider.") $i_TPM_Enabled = 9 Else _ConsoleWrite("Connection succeeded to MicrosoftTPM") ; There should either be 0 or 1 instance of the TPM provider class Local $o_colTpm = $o_objWMITPM.InstancesOf("Win32_Tpm") If $o_colTpm.Count = 0 Then _ConsoleWrite("ERROR - Failed get a TPM instance in the provider class. Script is exiting...") Else ; Get a single instance of the TPM provider class Local $o_objTpm = $o_objWMITPM.Get("Win32_Tpm=@") #forceref $o_objTpm If @error Then _ConsoleWrite("ERROR - Failed get a TPM instance in the provider class. Script is exiting...(Error: " & @error & ")") Else $i_TPM_Enabled = 1 _ConsoleWrite("Successfully retrieved a TPM instance from the Win32_TPM provider class") GetTPMStatus() ; Get the current status of the TPM to determine action _ConsoleWrite("$__g_bIsEnabled:" & $__g_bIsEnabled & "$__g_bIsActivated:" & $__g_bIsActivated & " $__g_bIsOwned:" & $__g_bIsOwned) ; The following If statements cause the script to react differently depending on the TPM state If $__g_bIsEnabled = "True" And $__g_bIsActivated = "True" And $__g_bIsOwned = "True" Then _ConsoleWrite("TPM is in a ready state to enable BitLocker.") $i_TPM_Enabled = 6 ElseIf $__g_bIsEnabled = "True" And $__g_bIsActivated = "True" And $__g_bIsOwned = "False" Then _ConsoleWrite("TPM ownership is not taken.") $i_TPM_Enabled = 5 ElseIf $__g_bIsEnabled = "True" And $__g_bIsActivated = "False" And $__g_bIsOwned = "False" Then _ConsoleWrite("TPM is turned on but not activated..") $i_TPM_Enabled = 4 ElseIf $__g_bIsEnabled = "False" And $__g_bIsActivated = "False" And $__g_bIsOwned = "False" Then _ConsoleWrite("TPM is not turned on..") $i_TPM_Enabled = 3 ElseIf $__g_bIsEnabled = "False" And $__g_bIsActivated = "True" And $__g_bIsOwned = "True" Then _ConsoleWrite("TPM is not enabled") $i_TPM_Enabled = 2 EndIf EndIf EndIf EndIf Return $i_TPM_Enabled EndFunc ;==>ConnectTPMProv Func DriveEncryted() Local $systempart, $part_details, $s_strDrive, $s_strProtectionStatus, $s_strVolumeId #forceref $s_strVolumeId Local $_encsts = 0 ; Check whether the C: drive is encrypted ; WMI connection to Win32_EncryptableVolume, note that this will be only available on devices where BitLocker is enabled Local $o_objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!root\cimv2\Security\MicrosoftVolumeEncryption") If @error Then _ConsoleWrite("ERROR - Failed to connect to the MicrosoftVolumeEncryption provider.") $_encsts = 9 Else Local $o_colItems = $o_objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume ", 0, 48) Local $i_teller For $o_objItem In $o_colItems $i_teller = $i_teller + 1 $s_strProtectionStatus = $o_objItem.ProtectionStatus $s_strDrive = $o_objItem.DriveLetter $s_strVolumeId = $o_objItem.PersistentVolumeID ;~ Numeric value that corresponds to the type of disk drive this logical disk represents. ;~ Unknown (0) ;~ No Root Directory(1) ;~ Removable Disk(2) ;~ Local Disk(3) ;~ Network Drive(4) ;~ Compact Disc (5) ;~ RAM Disk (6) If GetDriveType($s_strDrive) = 3 Then _ConsoleWrite("$s_strProtectionStatus " & $s_strProtectionStatus) GetVolName($s_strDrive) _ConsoleWrite("2.$systempart : " & $systempart) _ConsoleWrite("2.$part_details: " & $part_details) If $s_strProtectionStatus = "1" Then $_encsts = 1 EndIf EndIf Next If $i_teller = 0 Then $_encsts = 9 EndIf EndIf Return $_encsts EndFunc ;==>DriveEncryted Func GetDriveType($DriveLetter) _ConsoleWrite("### Get Disk DriveType for " & $DriveLetter) ;~ Enumerating Logical Disk Drive Properties Local $s_strComputer = "." Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colDisks = $o_objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For $o_objDisk In $o_colDisks If $o_objDisk.DeviceID = $DriveLetter Then Local $GetDriveType = $o_objDisk.DriveType _ConsoleWrite("DeviceID: " & $DriveLetter & " DriveType:" & $GetDriveType) Return $GetDriveType EndIf Next _ConsoleWrite("! DeviceID: " & $DriveLetter & " DriveType not found.") EndFunc ;==>GetDriveType Func GetVolName($DriveLetter) _ConsoleWrite("### Get Disk DriveType for " & $DriveLetter) ;~ Enumerating Logical Disk Drive Properties Local $s_strComputer = "." Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colDisks = $o_objWMIService.ExecQuery _ ("Select * from Win32_LogicalDisk") For $o_objDisk In $o_colDisks If $o_objDisk.DeviceID = $DriveLetter Then Local $GetVolName = $o_objDisk.VolumeName _ConsoleWrite("DeviceID: " & $DriveLetter & " info:" & $GetVolName) Return $GetVolName EndIf Next _ConsoleWrite("! DeviceID: " & $DriveLetter & " DriveType not found.") EndFunc ;==>GetVolName Func ProtectStatus($s_strProtectionStatus) Local $ProtectStatus Select Case $s_strProtectionStatus = 0 $ProtectStatus = "OFF" Case $s_strProtectionStatus = 1 $ProtectStatus = "ON" Case $s_strProtectionStatus = 2 $ProtectStatus = "Unk" EndSelect Return $ProtectStatus EndFunc ;==>ProtectStatus Func GetTPMStatus() Local $i_nRC = $o_objTpm.IsEnabled($__g_bIsEnabled) If $i_nRC <> 0 Then _ConsoleWrite("ERROR - The method IsEnabled failed with return code 0x" & Hex($i_nRC)) EndIf $i_nRC = $o_objTpm.IsActivated($__g_bIsActivated) If $i_nRC <> 0 Then _ConsoleWrite("ERROR - The method IsActivated failed with return code 0x" & Hex($i_nRC)) EndIf $i_nRC = $o_objTpm.IsOwned($__g_bIsOwned) If $i_nRC <> 0 Then _ConsoleWrite("ERROR - The method IsOwned failed with return code 0x" & Hex($i_nRC)) EndIf $__g_strStatusTPMState = "TPM found in the following state: Enabled - " & $__g_bIsEnabled & ", Activated - " & $__g_bIsActivated & ", Owned - " & $__g_bIsOwned EndFunc ;==>GetTPMStatus Func getsystempart($systempart, $part_details) Local $s_strComputer = "." $systempart = 7 $part_details = "" Local $o_objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $s_strComputer & "\root\cimv2") Local $o_colItems = $o_objWMIService.ExecQuery("Select * from Win32_Volume") For $o_objItem In $o_colItems _ConsoleWrite("Caption: " & $o_objItem.Caption & " Label:" & $o_objItem.Label & " Size:" & $o_objItem.Capacity & " " & StringMid($o_objItem.Caption, 2, 1)) $part_details = $part_details & "#" & $o_objItem.Caption & "|" & $o_objItem.Label & "|" & $o_objItem.Capacity ; * Didn't work because some had "System" as Label ;~ if $o_objItem.Label = "System Reserved" then ;~ $systempart = 1 ;~ EndIf ; If StringLower(StringMid($o_objItem.Caption, 2, 2)) <> ":" And $o_objItem.Capacity < 20000000000 Then $systempart = 1 EndIf Next _ConsoleWrite("$systempart : " & $systempart) _ConsoleWrite("$part_details: " & $part_details) EndFunc ;==>getsystempart Func writeXML($s_strDrive, $i_TPM_Enabled, $s_strVolumeId, $i_Syspart, $s_SyspartDet) MsgBox(0, '', _ "<SOFTWARES>" & @CRLF & _ "<PUBLISHER>Staples Specific</PUBLISHER>" & @CRLF & _ "<NAME>Bitlocker_Status</NAME>" & @CRLF & _ "<VERSION>" & $i_TPM_Enabled & "</VERSION>" & @CRLF & _ "<FOLDER>" & $s_strDrive & "/</FOLDER>" & @CRLF & _ "<COMMENTS>" & $s_SyspartDet & "</COMMENTS>" & @CRLF & _ "<FILENAME>" & $s_strVolumeId & "</FILENAME>" & @CRLF & _ "<FILESIZE>" & $i_Syspart & "</FILESIZE>" & @CRLF & _ "<GUID />" & @CRLF & _ "<LANGUAGE />" & @CRLF & _ "<INSTALLDATE>2016-05-02 10:30:00</INSTALLDATE>" & @CRLF & _ "<BITSWIDTH>0</BITSWIDTH>" & @CRLF & _ "<SOURCE>1</SOURCE>" & @CRLF & _ "</SOFTWARES>" _ ) EndFunc ;==>writeXML Func _ConsoleWrite($sData) ConsoleWrite($sData & @CRLF) EndFunc ;==>_ConsoleWrite Signature beginning:* Please remember: "AutoIt"..... * Wondering who uses AutoIt and what it can be used for ? * Forum Rules ** ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 * How to ask ChatGPT for AutoIt Code * for other useful stuff click the following button: Spoiler Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST API * ErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) * Show_Macro_Values.au3 * My contribution to others projects or UDF based on others projects: * _sql.au3 UDF * POP3.au3 UDF * RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF * SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane * Useful links: * Forum Rules * Forum etiquette * Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * Wiki: * Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX IE Related: * How to use IE.au3 UDF with AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskScheduler * IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related: * How to get reference to PDF object embeded in IE * IE on Windows 11 * I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions * EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *I also encourage you to check awesome @trancexx code: * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuff * OnHungApp handler * Avoid "AutoIt Error" message box in unknown errors * HTML editor * winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/ "Homo sum; humani nil a me alienum puto" - Publius Terentius Afer"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming" , be and \\//_. Anticipating Errors : "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty." Signature last update: 2023-04-24
ModemJunki Posted September 15, 2022 Posted September 15, 2022 @mLipok - line 57 Local $o_objTpm = $o_objWMITPM.Get("Win32_Tpm=@") declares $o_objTpm local but should not .. if I remove "Local" works OK on my system. (when run as admin of course). mLipok 1 Always carry a towel.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now