I understand that EEPC and BitLocker are incompatible (for obvious reasons) but I'd like to know exactly what happens if the EEPC client is deployed to a machine that has BitLocker active. Does the EEPC client refuse to install or does the machine no longer boot and/or blue screen?
A related question: Is it possible to check a machine remotely (registry setting) for active BitLocker?
1. No idea - never tried it! EEPC5 will install (EEPC6 won't), unless you are using AutoBoot and then there's a test for it.
2. No, you can't do a simple reg key check AFAIK - that will tell you BitLocker is there, but not its activation state.
The actual test can be done using WMI - you'll find this in the CompetitiveCheck class within autodomain and other scripts - It's probably a bit rough as I assume the boot drive is C, I should probably evaluate it, but here it is for fun and giggles:
    Private Property Get CheckBitLocker
        ' returns true or false depending on the detected state of BitLocker.
        ' requires admin rights to get the correct answer.
        On Error Resume Next
        Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2\Security\MicrosoftVolumeEncryption")
        Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume where DriveLetter='C:'",,48)
        On Error Goto 0
        CheckBitLocker = False
        If IsObject(objWMIService) Then
            'BitLockerSupported = True
            'BitlockerSupported = False
            For Each objItem in colItems
                'get the encryption method for drive C. any non-zero answer means that there's some protection in place.
                'GetEncryptionMethod returns the method in its out-parameter (0 = not encrypted).
                objItem.GetEncryptionMethod blnTemp
                If blnTemp <> 0 Then
                    CheckBitLocker = True
                End If
            Next
        End If
    End Property
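
The same WMI check, shown here as an added PowerShell example that is not the poster's code: it asks each machine for its system drive instead of assuming C:, and reports conversion and protection state separately. The function name Get-BitLockerState is hypothetical; remote hosts are assumed to be reachable over WinRM with an admin account.

```powershell
# Added example: report BitLocker state of the system drive via WMI/CIM.
# Get-BitLockerState is a hypothetical name; '.' means the local machine.
function Get-BitLockerState {
    param([string[]]$ComputerName = @('.'))

    $ns = 'root\CIMV2\Security\MicrosoftVolumeEncryption'
    # Value tables for GetConversionStatus and GetProtectionStatus
    $conversion = 'FullyDecrypted', 'FullyEncrypted', 'EncryptionInProgress',
                  'DecryptionInProgress', 'EncryptionPaused', 'DecryptionPaused'
    $protection = 'Off', 'On', 'Unknown'

    foreach ($computer in $ComputerName) {
        $session = $null
        try {
            $session = if ($computer -eq '.') {
                New-CimSession -ErrorAction Stop
            } else {
                New-CimSession -ComputerName $computer -ErrorAction Stop
            }
            # Ask the machine for its system drive instead of assuming C:
            $drive = (Get-CimInstance -CimSession $session -ClassName Win32_OperatingSystem -ErrorAction Stop).SystemDrive
            $vol = Get-CimInstance -CimSession $session -Namespace $ns -ClassName Win32_EncryptableVolume -ErrorAction Stop |
                Where-Object DriveLetter -eq $drive
            if (-not $vol) { throw "no encryptable volume found for $drive" }

            $conv = Invoke-CimMethod -CimSession $session -InputObject $vol -MethodName GetConversionStatus
            $prot = Invoke-CimMethod -CimSession $session -InputObject $vol -MethodName GetProtectionStatus
            [pscustomobject]@{
                Computer   = $computer
                Drive      = $drive
                Conversion = $conversion[$conv.ConversionStatus]
                Protection = $protection[$prot.ProtectionStatus]
                Percent    = $conv.EncryptionPercentage
                Error      = $null
            }
        } catch {
            # Namespace absent (BitLocker not installed), access denied, or host unreachable
            [pscustomobject]@{
                Computer = $computer; Drive = $null; Conversion = $null
                Protection = $null; Percent = $null; Error = $_.Exception.Message
            }
        } finally {
            if ($session) { Remove-CimSession $session }
        }
    }
}
```

A volume that reports Conversion FullyEncrypted with Protection Off has its protectors suspended, a state the encryption-method test alone does not distinguish.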