Bitlocker Key ID and Recovery Key

Been working on a worklet policy to grab bitlocker keys ID and recovery keys.
So far I’ve been successful at making the policy create a .csv locally to the machine.
Not sure if this is the best place to post this, but if anyone wants to expand on this such as.
a) out-putting to FTP server, URL, etc. please do

$KeyProperties = @()
$KeyObj = @()
$Computer = $env:Computername
$Keys = Get-BitlockerVolume -MountPoint C:
$selected = $Keys | Select-Object -ExpandProperty KeyProtector
$Selected[1] | select-Object KeyprotectorID, RecoveryPassword
Foreach ($S in $Selected) {
    $KeyProperties = [pscustomobject]@{
            Computer = $Computer
            KeyProtectorID = $S.KeyProtectorID
            RecoveryPassword = $S.RecoveryPassword
    }
    $KeyObj += $KeyProperties
    }
$KeyObj[1] | Export-CSV "C:\$($Computer)_Keys.csv" -NoTypeInformation
9 Likes

Thanks for sharing @cfrieberg! I added in the code block formatting to your post - let me know if that looks like it kept the right indenting. For the code blocks, you just have to put ``` on the line above and below the code.

3 Likes

thanks Nic!

2 Likes
testing testing 123

Oh look at that.

1 Like

The code block feature is pretty nice. Not only does it preserve formatting, but it autodetects what programming language you are using and does color labels accordingly.

1 Like

Yea, that’s pretty slick!

Thanks for sharing! This is awesome and something I’ve seen a lot of people ask for.

1 Like

Wasn’t sure how to edit my original post.

Just following up since I noticed output from this worklet also being stored in Automox Activity Log.

Interesting.

1 Like

If you click the little pencil icon in the bottom left of your post you can edit it.

It’ll store in the log whatever message you return in the code. That does make it easier to have in one place to collect than gathering a bunch of CSV files from each endpoint.

I’m blind…

1 Like

It might be because I have the permissions locked down on submitting posts to the Worklet section - they have to get approved so that we can review the code first. Normally it will let you edit your post, but in this case it would let someone replace the code the originally posted with something potentially malicious or broken. Just send me your edits and I can replace the code for you.

2 Likes