18

All machines from my network should have BitLocker successfully applied to them.

Is there a way that I can remotely query the machines to see if:

  1. Bitlocker has been enabled,
  2. Bitlocker has fully encrypted the drive.

Ideally I am looking for a way to do it without admin rights.

WhiteWinterWolf
  • 19,082
  • 4
  • 58
  • 104
KingJohnno
  • 1,155
  • 2
  • 11
  • 19

4 Answers4

15

With this PowerShell command, you can check the BitLocker status on a volume:

Manage-bde -status -cn <computername/ip> <drive letter>

Where the -cn argument is optional. Examples:

Manage-bde -status C:
Manage-bde -status -cn 192.168.1.2 C:

The command can also be run remotely.

Reference: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829849(v=ws.11)

Luc
  • 31,973
  • 8
  • 71
  • 135
pineappleman
  • 2,279
  • 11
  • 21
11

For a remote host:

manage-bde -status -computername **computername**
Steve Dodier-Lazaro
  • 6,798
  • 29
  • 45
jlharris
  • 111
  • 1
  • 2
8

That is the command that gives the information you need.

Manage-bde -status C:

A screenshot of a console window, showing the output of the "manage-bde -status c:" command.

DxTx
  • 1,403
  • 2
  • 9
  • 20
  • 5
    Thanks for posting an answer on our site. It would be highly beneficial to summarise what exactly is in the image you posted, so that users with vision impairments can benefit from it too. – Steve Dodier-Lazaro Aug 16 '16 at 17:15
4
manage-bde -status -computername "COMPUTERNAME" c:

The computer must be on and on the network however, does not work for machines out of network or that are off.

GoldenWest
  • 41
  • 2
  • also this will not query all drives, notice the c: that is just for the drive, for multiple drives I recommend querying the drives and then using the last part as a variable with a for each loop – GoldenWest Aug 03 '18 at 17:50
  • the answer above that forgoes the C: will query multiple drives – GoldenWest Aug 03 '18 at 17:53