Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt <ChristofferBennerstedt@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 31 Oct 2007 07:10:03 -0700
This is from my own Inventoryagent.log, this snippet is from my last hardware
inventory cycle, the interesting bit is the last row, i see that row on any
client i check:
Inventory: 10 Collection Task(s) failed. InventoryAgent 2007-10-24
10:10:40 5228 (0x146C)
Inventory: Temp report =
C:\Windows\system32\CCM\Inventory\Temp\992f167e-1f7f-4990-b819-655ed985268d.xml InventoryAgent 2007-10-24 10:10:40 5228 (0x146C)
Inventory: Starting reporting task. InventoryAgent 2007-10-24 10:10:40 8240
(0x2030)
Reporting: 7 report entries created. InventoryAgent 2007-10-24 10:10:40 8240
(0x2030)
Inventory: Reporting Task completed in 0.390
seconds InventoryAgent 2007-10-24 10:10:40 8240 (0x2030)
Inventory: Successfully sent report. Destination:mp:MP_HinvEndpoint, ID:
{A30D31D4-F84E-4901-87D4-71BBE5028584}, Timeout: 80640 minutes MsgMode: Not
Signed, Not Encrypted InventoryAgent 2007-10-24 10:10:40 8240 (0x2030)
Inventory: Cycle completed in 44.086 seconds InventoryAgent 2007-10-24
10:10:48 8240 (0x2030)
Inventory: Action completed. InventoryAgent 2007-10-24 10:10:48 8240 (0x2030)
Inventory: ************************ End of message processing.
************************ InventoryAgent 2007-10-24 10:10:48 8240 (0x2030)
Inventory: *********************** Start of message processing.
*********************** InventoryAgent 2007-10-24 10:23:11 7276 (0x1C6C)
Inventory: Message type is PolicyChange InventoryAgent 2007-10-24
10:23:11 7276 (0x1C6C)
"Garth" wrote:
It could be have you looked at any of the affected clients.
InventoryAgent.log to see if there are any error messages?
"Christoffer Bennerstedt" <ChristofferBennerstedt@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:35FAE6D6-F229-463E-856F-952DDCDFB582@xxxxxxxxxxxxxxxx
Hi again,
Sorry for late answer, but i've been away.
Anyway, i've tried adding your suggestion, however a strange thing has
happened, on all our clients (mixed XP and Vista right now) they are
missing
the Hardware inventory cycle. Our machines are no longer reporting
hardware,
even though it is still enabled in the SMS Console (haven't touched my
settings there)
Is this related to my messing with the sms_def.mof?
What can i check to see what is wrong, or how can i correct this?
Help :(
// Christoffer
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Hi Kim,Ok took a closer look at your additions, try this:
Thanks, i have tried adding the following to my sms_def.mof, but when
compiling with mofcomp on my SMS-server i get Error Number 0x8004100e,
description: Invalid Namespace
Which i understand, because on the SMS server, that namespace is
non-existant since it's an Win2k3 server..
Added:
#pragma namespace
("\\\\.\\root\\cimv2\\security\\MicrosoftVolumeEncryption")
[ SMS_Report (TRUE),
SMS_Group_Name ("Bitlocker Info"),
SMS_Class_ID ("BITLOCKER") ]
class Win32_EncryptableVolume : SMS_Class_Template
{
[SMS_Report (TRUE) ]
string Driveletter;
[SMS_Report (TRUE) ]
uint32 GetProtectionStatus;
[SMS_Report (TRUE) ]
uint32 GetEncryptionMethod;
[SMS_Report (TRUE), key]
uint32 GetConversionStatus;
[SMS_Report (TRUE), key]
uint32 GetKeyProtectors;
};
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Hi,To take a look at bitlocker you need to use this namespace:
How do i enable taking inventory from Vista-clients to see if their
systemdrive is protected with bitlocker?
I guess i have to add the namespace to the sms_def.mof file on our
SMS
server and compile it?
Is this the namespace i should add:
\\.\root\CIMv2\Security\MicrosoftVolumeEncryption
btw, we're running SMS SP3
Thanks
\\.\root\cimv2\security\MicrosoftVolumeEncryption
and the class is Win32_EncryptableVolume.
--
"Everyone is an expert at something"
Kim Oppalfens - Sms Expert for lack of any other expertise
Windows Server System MVP - SMS
http://www.blogcastrepository.com/blogs/kim_oppalfenss_systems_management_ideas/default.aspx
//---------------------------
// SMS Advanced Client State
//---------------------------
#pragma namespace ("\\\\.\\root\\cimv2\\sms")
// Declare the sms delta/reporting class for advanced client components
[ SMS_Report (TRUE),
SMS_Group_Name ("Bitlocker info"),
Namespace ("root\\\\cimv2\\security\\MicrosoftVolumeEncryption"),
SMS_Class_ID ("MICROSOFT|BITLOCKER|1.0") ]
class Win32_EncryptableVolume : SMS_Class_Template
{
[SMS_Report (TRUE) ]
string Driveletter;
[SMS_Report (TRUE) ]
uint32 GetProtectionStatus;
[SMS_Report (TRUE) ]
uint32 GetEncryptionMethod;
[SMS_Report (TRUE), key]
uint32 GetConversionStatus;
[SMS_Report (TRUE), key]
uint32 GetKeyProtectors;
};
--
"Everyone is an expert at something"
Kim Oppalfens - Sms Expert for lack of any other expertise
Windows Server System MVP - SMS
http://www.blogcastrepository.com/blogs/kim_oppalfenss_systems_management_ideas/default.aspx
- References:
- Re: Enable inventory of bitlocker drive status
- From: Kim Oppalfens [MVP]
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Kim Oppalfens [MVP]
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Garth
- Re: Enable inventory of bitlocker drive status
- Prev by Date: Re: Enable inventory of bitlocker drive status
- Next by Date: last logged on users name
- Previous by thread: Re: Enable inventory of bitlocker drive status
- Next by thread: Software Inventory and History (track changes)
- Index(es):
Relevant Pages
|
