[英]Powershell script to check Bitlocker Status and email if Off
I am trying to make a script that will check the BitLocker status automatically, and then send an email if it is not enabled. 我正在尝试创建一个自动检查BitLocker状态的脚本,然后发送一封电子邮件(如果未启用)。
Here is what I have so far: 这是我到目前为止:
Get-BitlockerVolume -MountPoint "C:" | Select ProtectionStatus
That shows me the status, but now I am struggling to process the output. 这显示了我的状态,但现在我正在努力处理输出。 I've tried doing it like this: 我试过这样做:
$OutputVariable = (Get-BitlockerVolume -MountPoint "C:" | Select
ProtectionStatus)
If ($OutputVariable -like "Off") {Echo "Oops"}
Else {Echo "Wow!"}
Which should output me "Oops" if I'm understanding it correctly, but it keeps showing me "Wow!" 如果我正确理解它,哪个应该输出“哎呀”,但它一直显示我“哇!”
Maybe I am doing it wrong, so I'm looking for some guidance. 也许我做错了,所以我正在寻找一些指导。
Edit: 编辑:
Thanks to the comments below, I was able to make it work. 感谢下面的评论,我能够让它发挥作用。 Here's my full script: 这是我的完整脚本:
# Bitlocker Script
set-alias ps64 "$env:windir\sysnative\WindowsPowerShell\v1.0\powershell.exe"
set-alias ps32 "$env:windir\syswow64\WindowsPowerShell\v1.0\powershell.exe"
ps64 {Import-Module BitLocker; Get-BitlockerVolume}
$wmiDomain = Get-WmiObject Win32_NTDomain -Filter "DnsForestName = '$( (Get-WmiObject Win32_ComputerSystem).Domain)'"
$domain = $wmiDomain.DomainName
$OutputVariable = (ps64 {Get-BitlockerVolume -MountPoint "C:"})
If ($OutputVariable.volumestatus -like "FullyEncrypted")
{
Exit
}
ElseIf ($OutputVariable.volumestatus -NotLike "FullyEncrypted")
{
$date = Get-Date
$emailSmtpServer = "smtp.xxx.com"
$emailSmtpServerPort = "xxx"
$emailSmtpUser = "xxx@xxx.nl"
$emailSmtpPass = "xxx"
$emailMessage = New-Object System.Net.Mail.MailMessage
$emailMessage.From = "Report <xxx@xxx.nl>"
$emailMessage.To.Add( "xxx@xxx.net" )
$emailMessage.Subject = "Bitlocker Status Alert | $domain $env:COMPUTERNAME"
$emailMessage.Body = "Bitlocker niet actief op $domain $env:COMPUTERNAME getest op $date"
$SMTPClient = New-Object System.Net.Mail.SmtpClient( $emailSmtpServer , $emailSmtpServerPort )
$SMTPClient.EnableSsl = $true
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential( $emailSmtpUser , $emailSmtpPass );
$SMTPClient.Send( $emailMessage)
}
PowerShell returns objects. PowerShell返回对象。 You use the Select
cmdlet to reduce the properties of those objects to ones you're interested in. 您可以使用Select
cmdlet将这些对象的属性减少为您感兴趣的对象。
As such the following command: 如下命令:
Get-BitlockerVolume -MountPoint "C:" | Select ProtectionStatus
Returns an object with a single "ProtectionStatus" property and as a result comparing that to a string does not result in a match. 返回具有单个“ProtectionStatus”属性的对象,因此将其与字符串进行比较不会导致匹配。
You can instead access the property via dot notation (eg $OutputVariable.protectionstatus
) to perform a comparison on its content. 您可以通过点表示法(例如$OutputVariable.protectionstatus
)访问该属性,以对其内容进行比较。 Alternatively, you could modify your Select
cmdlet to use -ExpandProperty
which will return the value of the specified property as an object of its type: 或者,您可以修改Select
cmdlet以使用-ExpandProperty
,它将返回指定属性的值作为其类型的对象:
$OutputVariable = Get-BitlockerVolume -MountPoint "C:" | Select -ExpandProperty ProtectionStatus
Another way to achieve the same result would be: 实现相同结果的另一种方法是:
$OutputVariable = (Get-BitlockerVolume -MountPoint "C:").ProtectionStatus
Here the brackets make the cmdlet execute, but then we use dot notation to just return the specified property. 这里括号使cmdlet执行,但是我们使用点表示法只返回指定的属性。
$OutputVariable = (Get-BitlockerVolume -MountPoint "C:")
If ($OutputVariable.protectionstatus -like "Off")
{
Write-Output "Oops"
}
Else
{
Write-Output "Wow!"
}
Try this 试试这个
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.