Validating Bitlocker encryption...

All Replies

• Tuesday, January 22, 2013 6:51 PM

   

   
  

  1

  That would be the easiest.  You can add on to that to clean up the output such as:

  Manage-bde status | find /I "Conversion Status"

  
  

  ---

  Be kind and Mark as Answer if I helped.

  • Proposed As Answer by Yagmoth555 Wednesday, January 23, 2013 3:14 AM
  • Marked As Answer by K_evin ZhuMicrosoft Contingent Staff, Moderator Monday, January 28, 2013 2:56 AM
  •  
  • Reply
  • Quote

   
• Tuesday, January 22, 2013 7:41 PM

   

   
  

  0

  Thanks.  That's what I had in mind and I think we can use that if necessary.

  Is anyone aware of a more definitive way to validate?  The concern is that the above basically confirms that the software says the software is working. 

  These are RAID volumes so unfortunately I can't just attach to some other controller and see what happens when I try to mount them.  I can disable TPM and reboot, but all this really verifies to me is that Windows is prompting for a key as expected.

  Thanks, as always.

  
  

  • Reply
  • Quote

   
• Tuesday, January 22, 2013 8:10 PM

   

   
  

  1

  Will this method work?

  GetProtectionStatus method of the Win32_EncryptableVolume class
  http://technet.microsoft.com/en-us/subscriptions/aa376448(v=vs.85).aspx

  Get Bitlocker Protection Status of Drive
  http://gallery.technet.microsoft.com/ScriptCenter/118689fe-61ee-49eb-9070-1f5085603392/?persist=True

  ---

  Dave Guenthner [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. http://blogs.technet.com/b/davguents_blog

  • Proposed As Answer by Yagmoth555 Wednesday, January 23, 2013 3:14 AM
  • Marked As Answer by K_evin ZhuMicrosoft Contingent Staff, Moderator Monday, January 28, 2013 2:56 AM
  •  
  • Reply
  • Quote

   
• Tuesday, January 22, 2013 10:28 PM

   

   
  

  0

  Dave, I believe that will work as well.

  Thanks for your input, gentlemen.

  • Reply
  • Quote