Get-BitLockerStatus
Windows: Retrieves BitLocker encryption status and key protectors
#Requires -Version 5.1
#Requires -Modules BitLocker
[CmdletBinding()]
Param
(
[string]$ComputerName = $env:COMPUTERNAME,
[string]$DriveLetter,
[pscredential]$Credential
)
Process
{
try
{
$scriptBlock = {
Param($MountPoint)
$volumes = if ($null -ne $MountPoint) { Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop } else { Get-BitLockerVolume -ErrorAction Stop }
$results = foreach ($v in $volumes)
{
[PSCustomObject]@{
MountPoint = $v.MountPoint
ProtectionStatus = $v.ProtectionStatus
EncryptionMethod = $v.EncryptionMethod
VolumeStatus = $v.VolumeStatus
KeyProtectors = ($v.KeyProtector.KeyProtectorType) -join ', '
CapacityGB = [math]::Round($v.CapacityGB, 2)
ComputerName = $env:COMPUTERNAME
}
}
$results
}
if ($ComputerName -ne $env:COMPUTERNAME)
{
$invokeParams = @{
'ComputerName' = $ComputerName
'ScriptBlock' = $scriptBlock
'ArgumentList' = $DriveLetter
'ErrorAction' = 'Stop'
}
if ($null -ne $Credential)
{
$invokeParams.Add('Credential', $Credential)
}
$result = Invoke-Command @invokeParams
}
else
{
$result = &$scriptBlock -MountPoint $DriveLetter
}
Write-Output ($result | Sort-Object MountPoint)
}
catch
{
throw
}
}Specifies the name of the computer to query. Defaults to the local computer.
Specifies a specific drive (e.g., "C:") to query. If omitted, all volumes are audited.
Specifies a PSCredential object for remote connection.