-
Notifications
You must be signed in to change notification settings - Fork 126
Expand file tree
/
Copy pathRetrieveBitlockerRecoveryKey.ps1
More file actions
72 lines (62 loc) · 2.85 KB
/
RetrieveBitlockerRecoveryKey.ps1
File metadata and controls
72 lines (62 loc) · 2.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<#
.NOTES
===========================================================================
Created with: SAPIEN Technologies, Inc., PowerShell Studio 2015 v4.2.92
Created on: 8/25/2015 1:25 PM
Created by: Mick Pletcher
Filename: RetrieveBitlockerRecoveryKey.ps1
===========================================================================
.DESCRIPTION
This script will prompt for the computer name. It will then display the
bitlocker recovery key. In order for this to work correctly, you will
need to install Remote Server Administration Tools and active the
following feature: Remote Server Administration Tools-->
Role Administration Tools-->AD DS and AD LDS Tools-->
Active Directory Module for Windows PowerShell.
#>
Function Get-ComputerName {
#Declare Local Variables
Set-Variable -Name ComputerName -Scope Local -Force
$ComputerName = Read-Host "Enter the computer name"
Return $ComputerName
#Cleanup Local Variables
Remove-Variable -Name ComputerName -Scope Local -Force
}
Function Get-BitlockeredRecoveryKey {
param ([String]$ComputerName)
#Declare Local Variables
Set-Variable -Name BitLockerObjects -Scope Local -Force
Set-Variable -Name BitLockerRecoveryKey -Scope Local -Force
Set-Variable -Name Computer -Scope Local -Value $null -Force
Set-Variable -Name System -Scope Local -Force
$BitLockerObjects = Get-ADObject -Filter { objectclass -eq 'msFVE-RecoveryInformation' }
foreach ($System in $BitLockerObjects) {
$System = $System.DistinguishedName
$System = $System.Split(',')
$System = $System[1]
$System = $System.Split('=')
$System = $System[1]
If ($System -eq $ComputerName) {
$Computer = Get-ADComputer -Filter {Name -eq $System}
$BitLockerRecoveryKey = Get-ADObject -Filter { objectclass -eq 'msFVE-RecoveryInformation' } -SearchBase $Computer.DistinguishedName -Properties 'msFVE-RecoveryPassword'
Write-Host "Computer Name:"$System
Write-Host "Bitlocker Recovery Key:"$BitLockerRecoveryKey.'msFVE-RecoveryPassword'
}
}
If ($Computer -eq $null) {
Write-Host "No recovery key exists" -ForegroundColor Red
}
#Cleanup Local Variables
Remove-Variable -Name BitLockerObjects -Scope Local -Force
Remove-Variable -Name BitLockerRecoveryKey -Scope Local -Force
Remove-Variable -Name Computer -Scope Local -Force
Remove-Variable -Name System -Scope Local -Force
}
#Declare Local Variables
Set-Variable -Name SystemName -Scope Local -Force
cls
Import-Module ActiveDirectory -Scope Global -Force
$SystemName = Get-ComputerName
Get-BitlockeredRecoveryKey -ComputerName $SystemName
#Cleanup Local Variables
Remove-Variable -Name SystemName -Scope Local -Force