1 Reply Latest reply on Jan 19, 2011 8:52 AM by SafeBoot

    EEPC 5.2.5 and Windows 7 BitLocker


      I understand that EEPC and BitLocker are incompatible (for obvious reasons) but I'd like to know exactly what happens if the EEPC client is deployed to a machine that has BitLocker active. Does the EEPC client refuse to install or does the machine no longer boot and/or blue screen?


      A related question: Is it possible to check a machine remotely (registry setting) for active BitLocker?

        • 1. Re: EEPC 5.2.5 and Windows 7 BitLocker

          1. No idea - never tried it! EEPC5 will install (EEPC6 won't), unless you are using AutoBoot and then there's a test for it.


          2. No, you can't do a simple reg key check AFAIK - that will tell you Bitlocker is there, but not its activation state.


          The actual test can be done using WMI - you'll find this in the CompetitiveCheck class within autodomain and other scripts - It's probably a bit rough as I assume the boot drive is C, I should probably evaluate it, but here it is for fun and giggles:


          Private Property Get CheckBitLocker
              ' returns true or false depending on the detected state of Bitlocker. 
              ' requires admin rights to get the correct answer. 
                  On Error Resume Next
                  Dim objWMIService,colItems,objItem,blnTemp
                  Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2\Security\MicrosoftVolumeEncryption") 
                  Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume where DriveLetter='C:'",,48) 
                  On Error Goto 0
                  CheckBitLocker = false
                  If IsObject(objwmiservice) Then
                      'BitLockerSupported = True
                      'BitlockerSupported = False
                      Exit Property
                  End if
                  For Each objItem in colItems
                      'get the encryption method for drive C. any non-zero answer means that there's some protection in place. 
                      objItem.getencryptionmethod blnTemp
                      If blnTemp <>0 Then 
                          CheckBitLocker = True
                      End if
              End Property



          Message was edited by: SafeBoot on 1/19/11 9:52:15 AM EST