encrypt01.ps1

1. #Create a file containing timestamp, hostname, hostid and a random bitlocker password
2. #Send this file to server then start encrypting the disk
3.  
4.  
5. #Remove-Item -Recurse -Force $env:WinDir\System32\GroupPolicyUsers
6. #Remove-Item -Recurse -Force $env:WinDir\System32\GroupPolicy
7.  
8. Function recoveryKeyGen
9. {
10.     $recoveryKey = ""
11.     for($i=0; $i -lt 8; $i++)
12.     {
13.         $completed = $null
14.         DO
15.         {
16.             $recoveryKeyPart =  (Get-Random -Minimum 100000 -Maximum 720895)
17.             if($recoveryKeyPart %11 -eq 0)
18.             {
19.                 $recoveryKey = $recoveryKey + $recoveryKeyPart
20.                 $completed = $true
21.             }
22.         } While (-not $completed)
23.         if ($i -ne 7)
24.         {
25.             $recoveryKey = $recoveryKey + "-"
26.         }
27.     }
28.     $recoveryKey
29. }
30.  
31. if(-Not (Test-Path C:\Temp))
32. {
33.     New-Item -ItemType Directory -Force -Path C:\Temp
34. }
35. $recoveryKeyPath = "C:\Temp\" + $env:COMPUTERNAME + "_" + $env:USERNAME + "_recoveryKey.txt"
36. if(Test-Path $recoveryKeyPath)
37. {
38.     Remove-Item $recoveryKeyPath
39. }
40.  
41. $timeStamp = "[{0:dd/MM/yy} {0:HH:mm:ss}]" -f (Get-Date)
42. Add-Content $recoveryKeyPath $timeStamp
43.  
44. $computerName = "COMPUTERNAME : " + $env:COMPUTERNAME
45. Add-Content $recoveryKeyPath $computerName
46.  
47. $ipv4 = "IP           : "
48. $ipv4B = (Get-WmiObject -Class Win32_NetworkAdapterConfiguration | where {$_.DefaultIPGateway -ne $null}).IPAddress | select-object -first 1
49. #$ipv4B = Test-Connection -ComputerName $env:COMPUTERNAME -Count 1 | Select IPV4Address | %{ "{0,-10}" -f $_.IPV4Address }
50. $ipv4 = $ipv4 + $ipv4B
51. Add-Content $recoveryKeyPath $ipv4
52.  
53. $computerSystem = (Get-WmiObject -Class:Win32_ComputerSystem)
54. if ( $computerSystem.Manufacturer -like "Hewlett*" )
55. {
56.     Write-Host HP machine
57. }
58. elseif( $computerSystem.Manufacturer -like "Dell*" )
59. {
60.     Write-Host DELL machine
61. }
62.  
63. $macAddress = "HOSTID       : "
64. #filter with "*Network Connection" on older machine
65. $macAddressB =  Get-WmiObject win32_networkadapterconfiguration | select description, macaddress | ? description -like "Realtek*" | select macaddress -ExpandProperty macaddress
66. $macAddress = $macAddress + $macAddressB
67. Add-Content $recoveryKeyPath $macAddress
68.  
69. $recoveryKey = "RECOVERYKEY  : "
70. $recoveryKeyB = recoveryKeyGen
71. $recoveryKey = $recoveryKey + $recoveryKeyB
72. Add-Content $recoveryKeyPath $recoveryKey
73.  
74. #Send file to nas or AD share before continuing
75. if(Test-Path O:)
76. {
77.     Remove-PSDrive -Name O
78. }
79. New-PSDrive -Name O -PSProvider filesystem -Root \\ad.test.fr\nas\folder | Out-Null
80. Copy-Item -Path $recoveryKeyPath -Destination O:\
81.  
82. #manage-bde -protectors -add c: -RecoveryPassword $recoveryKeyB
83. #manage-bde -on c: