Let's say that you need to collect the BitLocker Drive Encryption status from the clients in your environment. You have System Center Configuration Manager 2007 and you're already using Hardware Inventory, but how do you put it all together? That's what I'll be discussing here.
First, make the following additions to the SMS_DEF.MOF and CONFIGURATION.MOF files:
SMS_DEF.MOF:
------------------
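    // Reporting class: tells Hardware Inventory which properties to collect.
    [ SMS_Report (TRUE),
      SMS_Group_Name ("Bitlocker"),
      SMS_Class_ID ("MICROSOFT|Bitlocker|1.0")]
    class Bitlocker : SMS_Class_Template
    {
        [SMS_Report(TRUE), key]
        string DeviceID;
        [SMS_Report(TRUE)]
        string DriveLetter;
        // ProtectionStatus: 0 = protection off, 1 = protection on, 2 = unknown
        [SMS_Report(TRUE)]
        uint32 ProtectionStatus;
    };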
CONFIGURATION.MOF:
-----------------------
    #pragma namespace("\\\\.\\root\\cimv2")
    // Data class: a view in root\cimv2 over Win32_EncryptableVolume, which
    // lives in root\cimv2\security\MicrosoftVolumeEncryption.
    [Union,
     ViewSources{"select * from Win32_EncryptableVolume"},
     ViewSpaces{"\\\\.\\root\\cimv2\\security\\MicrosoftVolumeEncryption"},
     Dynamic, Provider("MS_VIEW_INSTANCE_PROVIDER")]
    class Bitlocker
    {
        [PropertySources{"DeviceID"}, key]
        string DeviceID;
        [PropertySources{"DriveLetter"}]
        string DriveLetter;
        [PropertySources{"ProtectionStatus"}]
        uint32 ProtectionStatus;
    };
Adding these sections to the respective MOFs and saving them should get things started. Once the clients go through their next policy cycle, they will populate this information into WMI. From then on, whenever the inventory cycle runs, the information is collected in the inventory XML, sent to the management point for further processing by the dataloader, and added to the database for the respective client. Once the information is in the database, it can be fetched via custom reports. Alternatively, you can view this information in Resource Explorer for the clients.
Most of the time, things will not end at just collecting the information using the MOF edit. There will also be a need to get this information reported. This is actually pretty simple, and here are the steps you'll need to follow to accomplish this:
1. Create a new report and give it a name.
2. Choose the category you want to put it in and then click on Edit SQL Statement.
3. In the SQL Statement box type in the query below:
    select sys.Name0, BL.DriveLetter0, BL.ProtectionStatus0
    from v_GS_BitLocker BL
    join v_r_system sys on sys.ResourceID = BL.ResourceID
Now, there are two things to remember here: first, the name of the table that is being queried for the BitLocker information, and second, the columns that need to be reported.
The table name will be v_GS_<name of the class in MOF>. For this example, the MOFs I've created above have the class name BitLocker. This is why the view we are querying is named v_GS_BitLocker.
If more information is desired in reports (which is rarely the case), a select query against the SCCM database will return all the columns that are present in the table. For example:
select * from v_GS_BitLocker
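As an added example (not part of the original post), the report query above can be extended into an exception report that lists only clients whose volumes are not protected, and that also surfaces clients that have returned no BitLocker inventory at all, so that missing data is not mistaken for a protected machine. It assumes the v_GS_BitLocker view produced by the MOF edits above and the standard v_R_System and v_GS_WORKSTATION_STATUS views; the output column aliases are illustrative.

```sql
-- Added example: BitLocker exception report for ConfigMgr 2007.
-- Assumes v_GS_BitLocker exists (created by the MOF edits on this page).
SELECT
    sys.Name0          AS ComputerName,
    BL.DriveLetter0    AS DriveLetter,
    CASE
        WHEN BL.ResourceID IS NULL    THEN 'No BitLocker inventory'
        WHEN BL.ProtectionStatus0 = 0 THEN 'Protection off'
        ELSE 'Unknown'                -- status 2 or a NULL value
    END                AS ProtectionState,
    ws.LastHWScan      AS LastHardwareScan   -- how stale the data is
FROM v_R_System sys
-- LEFT JOIN keeps clients that have no row in the BitLocker view,
-- which the inner join in the basic report silently drops.
LEFT JOIN v_GS_BitLocker BL
       ON BL.ResourceID = sys.ResourceID
LEFT JOIN v_GS_WORKSTATION_STATUS ws
       ON ws.ResourceID = sys.ResourceID
WHERE sys.Client0 = 1                         -- only systems with a client
  AND (BL.ResourceID IS NULL                  -- never reported the class
       OR BL.ProtectionStatus0 IS NULL
       OR BL.ProtectionStatus0 <> 1)          -- anything other than "on"
ORDER BY ProtectionState, sys.Name0;
```

A client with an old LastHardwareScan may simply not have run hardware inventory since the MOF change, so check that date before treating a "No BitLocker inventory" row as an unencrypted machine.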
That's it! Now you're ready to query and report BitLocker information from clients.
Vishal Gupta | Microsoft System Center support