-
Notifications
You must be signed in to change notification settings - Fork 94
/
Copy pathGet-BitLockerKey.ps1
49 lines (42 loc) · 1.46 KB
/
Get-BitLockerKey.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
function Get-BitLockerKey {
param (
[string]$comp = $env:COMPUTERNAME
#[string]$pwidmatch
)
if (!$comp.endswith('$')) {
$comp += '$'
}
$compsearcher = [adsisearcher]"samaccountname=$comp"
$compsearcher.PageSize = 200
$compsearcher.PropertiesToLoad.Add('name') | Out-Null
$compobj = $compsearcher.FindOne().Properties
if (!$compobj) {
throw "$comp not found"
}
$keysearcher = [adsisearcher]'objectclass=msFVE-RecoveryInformation'
$keysearcher.SearchRoot = [string]$compobj.adspath.trim()
$keysearcher.PageSize = 200
$keysearcher.PropertiesToLoad.AddRange(('name', 'msFVE-RecoveryPassword'))
$keys = $keysearcher.FindOne().Properties
if ($keys) {
$keys | % {
try{ rv matches -ea stop }catch{}
('' + $_.name) -match '^([^\{]+)\{([^\}]+)' | Out-Null
$date = $Matches[1]
$pwid = $Matches[2]
New-Object psobject -Property @{
Name = [string]$compobj.name
Date = $date
PasswordID = $pwid
BitLockerKey = [string]$_.'msfve-recoverypassword'
} | select name, date, passwordid, bitlockerkey
}
} else {
New-Object psobject -Property @{
Name = [string]$compobj.name
Date = ''
PasswordID = ''
BitLockerKey = ''
} | select name, date, passwordid, bitlockerkey
}
}