46 Vote

Add feature to gather and retrieve bitlocker keys stored in MECM (SCCM)

We moved away from standalone MBAM and are now using MECM to encrypt an store bitlocker recovery keys.

  • Guest
  • Jan 14 2022
  • Planned
Security
  • Attach files
  • Michael Lovett commented
    19 Sep, 2022 07:23pm

    Here a script you can use to export the data:

    #import-module sqlps <---- Only Needed if Not on a SQL Server Install

    # Back Up All Recovery Keys and TPM Ownership Passwords to Comma Delimited File for Excel

    $timer = (Get-Date) -replace "/","-" -replace " ","" -replace ":",""

    $path = "D:\backup\mbam\TPMOnwershipData"+ $timer +".csv"

    $SQLquery = 'Select * from RecoveryAndHardwareCore_machines'

    $Result = Invoke-Sqlcmd -query $SQLquery -ServerInstance 'sccm' -Database 'CM_SCCM'

    $Result |export-csv $path -NoTypeInformation

    $path = "D:\backup\mbam\BitlockerRecoveryKeys"+ $timer +".csv"

    $SQLquery = 'Select * from RecoveryAndHardwareCore_keys'

    $Result = Invoke-Sqlcmd -query $SQLquery -ServerInstance 'sccm' -Database 'CM_SCCM'

    $Result |export-csv $path -NoTypeInformation

    #Clean Up Files Older than 7 days

    $path = "D:\backup\mbam"

    $limit = (Get-Date).AddDays(-7)

    # Delete files older than the $limit.

    Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force

    #Clean Up Backup Files Older than 14 days While we are at it

    $path = "F:\Backup\SCCM"

    $limit = (Get-Date).AddDays(-14)

    # Delete files older than the $limit.

    Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force

    #Clean Up Backup Files Older than 3 days While we are at it

    $path = "C:\inetpub\logs\LogFiles"

    $limit = (Get-Date).AddDays(-3)

    # Delete files older than the $limit.

    Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force

    exit

    ×

    Attachments Open full size

  • Edwin Bruining commented
    31 Aug, 2022 06:32pm

    Please do :)

    ×

    Attachments Open full size

  • Ryan Giddens commented
    29 Mar, 2022 03:19pm

    This would be extremely helpful.

    ×

    Attachments Open full size

  • Guest commented
    14 Jan, 2022 07:25pm

    Would like to see this implemented.

    ×

    Attachments Open full size

  • Richard Jones commented
    14 Jan, 2022 04:15pm

    This would be very helpful

    ×

    Attachments Open full size

  • +25

Related ideas