PowerShell Script to Query for BitLocker Keys in Active Directory

In my organization, we are using BitLocker to encrypt Windows 7 computers. We are storing the recovery keys in Active Directory, which stores the key as an attribute of the computer object. I recently wanted to generate a report of the BitLocker status of the computer objects in AD. I found out I could do this pretty easily in PowerShell, and thought I would document that here. My inspiration for this script came from this TechNet Gallery script.

To start, we need the Quest ActiveRoles Management Shell for Active Directory. This is available for free from Quest and can be downloaded from here. This should be downloaded and installed on the workstation that is going to be used to run the script. With this installed, we are ready to take a look at the script.

# Check to make sure the path has been specified; otherwise display a message and exit the script
param([string]$CsvFilePath)
if (!$CsvFilePath) {
    Write-Host ""
    Write-Host "Path not specified!"
    Write-Host "Please specify the path for the output as a parameter e.g. : "
    # Doubled quotes ("") inside the string print literal quotes around the example path
    Write-Host ".\Get-BitlockerComputerReport.ps1 ""c:\reports\BitlockerReport.csv"""
    Exit
}
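The script above is cut off after the parameter check. The following is an added example, not the author's script: it builds the kind of report described using Microsoft's ActiveDirectory module (RSAT) instead of the Quest cmdlets, and it records only whether recovery information has been escrowed, without copying any recovery passwords into the CSV. The `-SearchBase` parameter and the column names are assumptions made for this example.

```powershell
# Added example: escrow coverage report. Assumes the ActiveDirectory module
# (RSAT) rather than the Quest cmdlets; -SearchBase is a hypothetical option.
param(
    [Parameter(Mandatory = $true)][string]$CsvFilePath,
    [string]$SearchBase   # optional OU DN; whole domain when omitted
)

Import-Module ActiveDirectory -ErrorAction Stop

$computerArgs = @{
    Filter     = "OperatingSystem -like 'Windows 7*'"
    Properties = 'OperatingSystem', 'LastLogonDate'
}
if ($SearchBase) { $computerArgs['SearchBase'] = $SearchBase }

$report = foreach ($computer in Get-ADComputer @computerArgs) {
    # Recovery information is escrowed as msFVE-RecoveryInformation
    # objects directly beneath the computer object.
    $recovery = @(Get-ADObject -SearchBase $computer.DistinguishedName `
            -SearchScope OneLevel `
            -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
            -Properties whenCreated)

    $newest = $null
    if ($recovery.Count -gt 0) {
        $newest = ($recovery | Sort-Object whenCreated -Descending |
                Select-Object -First 1).whenCreated
    }

    New-Object PSObject -Property @{
        Name            = $computer.Name
        OperatingSystem = $computer.OperatingSystem
        LastLogonDate   = $computer.LastLogonDate
        KeyEscrowed     = ($recovery.Count -gt 0)
        RecoveryObjects = $recovery.Count
        NewestEscrow    = $newest
    }
}

# Fix the column order (hashtable order is not preserved) and write the CSV.
$report |
    Select-Object Name, OperatingSystem, LastLogonDate, KeyEscrowed, RecoveryObjects, NewestEscrow |
    Sort-Object KeyEscrowed, Name |
    Export-Csv -Path $CsvFilePath -NoTypeInformation

$missing = @($report | Where-Object { -not $_.KeyEscrowed }).Count
Write-Host "$missing of $(@($report).Count) computers have no recovery information in AD."
```

A `KeyEscrowed` value of False means only that no recovery information has been backed up to AD for that computer; it does not by itself show whether the drive is encrypted.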
