I would like to perform a scan on the computers on our network. We are mostly in a laptop environment and I would like to create a script that will tell me what a remote machine's safeboot version is so that we arent exporting from the console. I would like to integrate that functionality into a group of scripts that will be doing our software tracking. Where is it even installed? Any help would be much appreciated. Thanks.
Deplyment teams decide where to install client. Different versions had different settings. But you can look for "SbClientLog.txt" or "SCMLOG.TXT" on client's boot drive. Checking content of those files would tell you about version.
I think you'd need something more robust. If you are thinking of the v5 version, you can tell the install path from the registry key.
[HKEY_LOCAL_MACHINE\SOFTWARE\SafeBoot International\SafeBoot Device Encryption]
"ClientDir"="C:\\Program Files\\McAfee\\Endpoint Encryption for PC"
This does not mean the product is active though - it just means the reg key is there.
If you want a definitive test of activity, you can use the "getcryptstate" api call of sbadmcl - you can do this through executing the command line version and capturing the output, or (better) use VBscript to drive it directly.
I attach an example which will give you the crypt state of a machine, and of course, an indication of whether the product is even there or not.
Not definitively no. you could get the file version of safeboot.sys I guess, but that really just tells you the version of the file - it does not prove that EEPC is active, or doing anything useful.
I was actually just about to do the file version check and then you made a good point. I should verify more than installation and version but also health and status of my Safeboot deployments.
getcryptstate is the best way for doing that - you don't have to use the COM object though - you can run the command in a batch file if needed and just pipe the output.
COM and VBS is a little more elegant though in my opinion.
To bad we notice some of MEE client failed for some reason..
another point to disband MEE from unhappy customer.