我正在尝试从 AD 中提取启用了 BitLocker 的设备列表的报告。
我们有一个 Win 2008 r2 域控制器,我们的大多数设备都是 Win 10 和少数 Win 8.1。
我不是 power shell 方面的专家,但过去曾在业余水平上使用过它。我在网上找到了以下命令并进行了尝试,但是在查看 .CSV 时,除了“BitlockerPasswordSet”字段之外,所有字段都已填充。
有没有人对如何解决这个问题或他们使用过的更好的解决方案有任何想法?
提前致谢!
Param (
[string]$SearchBase = "OU=Office-UK,DC=MyDomainName,DC=local"
)
Try { Import-Module ActiveDirectory -ErrorAction Stop }
Catch { Write-Warning "Unable to load Active Directory module because $($Error[0])"; Exit }
Write-Verbose "Getting Workstations..." -Verbose
$Computers = Get-ADComputer -Filter * -SearchBase $SearchBase -Properties LastLogonDate
$Count = 1
$Results = ForEach ($Computer in $Computers)
{
Write-Progress -Id 0 -Activity "Searching Computers for BitLocker" -Status "$Count of $($Computers.Count)" -PercentComplete (($Count / $Computers.Count) * 100)
New-Object PSObject -Property @{
ComputerName = $Computer.Name
LastLogonDate = $Computer.LastLogonDate
BitLockerPasswordSet = Get-ADObject -Filter "objectClass -eq 'msFVE-RecoveryInformation'" -SearchBase $Computer.distinguishedName -Properties msFVE-RecoveryPassword,whenCreated | Sort whenCreated -Descending | Select -First 1 | Select -ExpandProperty whenCreated
}
$Count ++
}
Write-Progress -Id 0 -Activity " " -Status " " -Completed
$ReportPath = "C:\temp\BitLockerComputerReport.csv"
Write-Verbose "Building the report..." -Verbose
$Results | Select ComputerName,LastLogonDate,BitLockerPasswordSet | Sort ComputerName | Export-Csv $ReportPath -NoTypeInformation
Write-Verbose "Report saved at: $ReportPath" -Verbose