locked
How to detect if bitlocker is enabled on drive?

    Question

  • For extra security, we want to restrict our Windows Store app to only run on a drive with BitLocker enabled. How can we detect from within the app is BitLocker is enabled?
    Tuesday, April 29, 2014 6:21 AM

Answers

  • I am going to assume that this is for an LOB app, not a general Store app. In this case, you can leverage standard Windows Bitlocker APIs to determine if Bitlocker is enabled.  This link should lead you in the right direction:

    http://msdn.microsoft.com/en-us/library/aa376483%28v=vs.85%29.aspx


    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.

    Tuesday, April 29, 2014 12:12 PM
    Moderator
  • No, you can't run a Windows Store app as an administrator and you can't directly detect Bitlocker from a Windows Store app. If you're writing a side-loaded line of business (LOB) app (as Matt assumed) then you can use the new broker system to call a desktop app from your Windows Store app.

    --Rob

    Tuesday, April 29, 2014 8:50 PM
    Owner

All replies

  • I am going to assume that this is for an LOB app, not a general Store app. In this case, you can leverage standard Windows Bitlocker APIs to determine if Bitlocker is enabled.  This link should lead you in the right direction:

    http://msdn.microsoft.com/en-us/library/aa376483%28v=vs.85%29.aspx


    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.

    Tuesday, April 29, 2014 12:12 PM
    Moderator
  • Looks promising, but what about the part where is says:

    To use the Win32_EncryptableVolume methods, the following conditions must be met:

    • You must have administrator privileges.
    • ...

    Is is possible to run a Windows Store app as administrator?

    Tuesday, April 29, 2014 8:47 PM
  • No, you can't run a Windows Store app as an administrator and you can't directly detect Bitlocker from a Windows Store app. If you're writing a side-loaded line of business (LOB) app (as Matt assumed) then you can use the new broker system to call a desktop app from your Windows Store app.

    --Rob

    Tuesday, April 29, 2014 8:50 PM
    Owner
  • Thank you. No, the app is not a LOB app and it is deployed through the store. This is unfortunate because the method you describe will not work on Windows RT.
    Tuesday, April 29, 2014 9:20 PM
  • This seems more like an LOB app than a Store app - why would you allow the general public to download and install an app that requires this level of security?

    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.

    Thursday, May 01, 2014 3:19 PM
    Moderator