getting encryption status of remote machines using WMI RRS feed

  • Question

  • Hi

    I have the following code to get bitlocker encryption status

    It works fine on local machine

    But when trying to access a remote machine I get access denied - machines are on same domain, and I am running app as admin and logged on with full domain admin rights

     Dim strComputer = TextBox1.Text
            Dim scope As ManagementScope
            scope = New ManagementScope("\\" & strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption")
            Dim query As New SelectQuery("SELECT * FROM Win32_EncryptableVolume")
            Dim searcher As New ManagementObjectSearcher(scope, query)
            Dim arEncryptionMethod = {"None", "AES 128 With Diffuser", "AES 256 With Diffuser", "AES 128", "AES 256", "Hardware", "XTS AES 128", "XTS AES 256"}
            Dim arProtectionStatus = {"Protection Off", "Protection On", "Protection Unknown"}
            Dim arConversionStatus = {"Fully Decrypted", "Fully Encrypted", "Encryption In Progress", "Decryption In Progress", "Encryption Paused", "Decryption Paused"}
            Dim arLockStatus = {"Unlocked", "Locked"}
            For Each objItem As ManagementObject In searcher.[Get]()
                If (arProtectionStatus(objItem.InvokeMethod("GetProtectionStatus", Nothing, Nothing)("ProtectionStatus"))) <> "Protection On" And (arEncryptionMethod(objItem.InvokeMethod("GetEncryptionMethod", Nothing, Nothing)("EncryptionMethod"))) <> "Fully Encrypted" Then
                    Append_tbResults(strComputer & " Drive: " & objItem("DriveLetter") & " is not encrypted" & vbCrLf)
                    Append_tbResults(strComputer & " Drive: " & objItem("DriveLetter") & " is encrypted with " & arEncryptionMethod(objItem.InvokeMethod("GetEncryptionMethod", Nothing, Nothing)("EncryptionMethod")) & vbCrLf)
                End If

    Any ideas please?

    Trying some other WMI code to check uptime works fine across links, so it is seems to be something to do with area in WMI I am looking I think

     Private Function ServerBootTime(ByVal tServer As String) As String
            ServerBootTime = "Unknown"
            Dim scope As ManagementScope
            scope = New ManagementScope("\\" & tServer & "\root\cimv2")
            ' define a select query
            Dim query As New SelectQuery("SELECT LastBootUpTime FROM Win32_OperatingSystem WHERE Primary='true'")
            ' create a new management object searcher and pass it
            ' the select query
            Dim searcher As New ManagementObjectSearcher(scope, query)
            ' get the datetime value and set the local boot
            ' time variable to contain that value
            For Each mo As ManagementObject In searcher.[Get]()
                ServerBootTime = ManagementDateTimeConverter.ToDateTime(mo.Properties("LastBootUpTime").Value.ToString())
        End Function

    If I can't get it to work then does anyone have any other method I can use to check bitlocker status of machines on a domain


    Darren Rose

    Thursday, May 17, 2018 6:32 PM


All replies