• S.Ergül

How to check MBAM BitLocker Encryption Error via PowerShell

Hi Folks,

Today we will check the Noncompliant status of BitLocker's encryption process. After implementing BitLocker in our environment, we get some errors when we try to encrypt data, as in the screenshots below, and as you know it is really annoying to find a solution to fix the problem.

Then the brainstorming for a solution starts: Is it from a GPO? Is it from the missing KB4014009 on the MBAM agent? And so on...


So you do not need to worry about what the real reason is. You can use a PowerShell cmdlet to find the error code in this situation, as shown below.

(Get-WmiObject -Class mbam_Volume -Namespace root\microsoft\mbam).ReasonsForNoncompliance

You then get a list of error codes, whose meanings are given below:

Now you can run a script on clients via SCCM; how to do that is described right here. However, running the script can return more than one error code, so we need to look up the meaning of every error code with the script below.

##########################################################
#Script Title: ReasonForNoncompliance
#Author: Selçuk Ergül
#Date Created: 02/04/2021
#Version: V1.0 - First release.
##########################################################
# Applies to this PowerShell process only; machine and user policy are unchanged.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

# One object per volume reported by the MBAM agent.
$Reason = Get-WmiObject -Class mbam_Volume -Namespace root\microsoft\mbam
$Complete = $Reason.Compliant

if($Complete -eq 1)
{
	Write-host "Fully Encrypted"
}
elseif($Complete -eq 2)
{
	Write-host "Fully Decrypted"
}
elseif($null -eq $Complete)
{
	# No MBAM data available: fall back to BitLocker's own volume status.
	$Status = (Get-BitlockerVolume).VolumeStatus
	Write-host $Status
}
else
{
	ForEach ($Element in $Reason)
	{
		# ReasonsForNoncompliance can hold several codes; switch evaluates each of them,
		# and Write-Output (instead of return) lets every code be reported.
		Switch($Element.ReasonsForNoncompliance)
		{
		"0" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Cipher strength not AES 256" }

		"1" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume to be encrypted but it is not" }

		"2" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume to NOT be encrypted, but it is." }

		"3" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume use a TPM protector, but it does not" }

		"4" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume use a TPM+PIN protector, but it does not" }

		"5" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy does not allow non TPM machines to report as compliant." }

		"6" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Volume has a TPM protector but the TPM is not visible (booted with recover key after disabling TPM in BIOS?)." }

		"7" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume use a password protector, but it does not have one." }

		"8" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume NOT use a password protector, but it has one." }

		"9" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume use an auto-unlock protector, but it does not have one." }

		"10" { Write-Output "Reason For Noncompliance Error Code: $_ Description: MBAM Policy requires this volume NOT use an auto-unlock protector, but it has one." }

		"11" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Policy conflict detected preventing MBAM from reporting this volume as compliant." }

		"12" { Write-Output "Reason For Noncompliance Error Code: $_ Description: A system volume is needed to encrypt the OS volume but it is not present." }

		"13" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Protection is suspended for the volume." }

		"14" { Write-Output "Reason For Noncompliance Error Code: $_ Description: AutoUnlock unsafe unless the OS volume is encrypted." }

		"15" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Policy requires minimum cypher strength is XTS-AES-128 bit, actual cypher strength is weaker than that." }

		"16" { Write-Output "Reason For Noncompliance Error Code: $_ Description: Policy requires minimum cypher strength is XTS-AES-256 bit, actual cypher strength is weaker than that." }

		default { Write-Output "Unknown error code occurred." }
		}
	}
}
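
To see why a reason code was raised, it helps to put the MBAM codes next to what BitLocker itself reports for each volume (protectors, encryption method, protection state). The following is an added example, not part of the author's script. It assumes an elevated session and uses only the mbam_Volume class and property names shown on this page, plus the standard Get-BitLockerVolume cmdlet; the function name Get-MbamComplianceReport is made up for this example.

```powershell
# Added example: MBAM reason codes side by side with BitLocker's own view of each volume.
# Run elevated; Get-BitLockerVolume requires administrator rights.
function Get-MbamComplianceReport {
    try {
        # Class, namespace and property names are the ones used on this page.
        $mbamVolumes = @(Get-CimInstance -Namespace 'root\microsoft\mbam' `
                                         -ClassName 'mbam_Volume' -ErrorAction Stop)
    }
    catch {
        # Missing namespace or class usually means the MBAM agent is absent or not running.
        Write-Warning "MBAM WMI class not readable: $($_.Exception.Message)"
        $mbamVolumes = @()
    }

    # A volume can carry several codes; collect them across all MBAM volumes.
    # These are machine-wide and are not matched to a specific mount point here.
    $reasonCodes = @($mbamVolumes |
        ForEach-Object { $_.ReasonsForNoncompliance } |
        Where-Object   { $null -ne $_ } |
        Sort-Object -Unique)

    foreach ($vol in Get-BitLockerVolume) {
        [pscustomobject]@{
            ComputerName     = $env:COMPUTERNAME
            MountPoint       = $vol.MountPoint
            VolumeType       = $vol.VolumeType
            VolumeStatus     = $vol.VolumeStatus
            ProtectionStatus = $vol.ProtectionStatus
            EncryptionMethod = $vol.EncryptionMethod
            # e.g. "RecoveryPassword,Tpm"; empty when the volume has no protectors
            Protectors       = ($vol.KeyProtector.KeyProtectorType | Sort-Object -Unique) -join ','
            MbamReasonCodes  = $reasonCodes -join ','
        }
    }
}

Get-MbamComplianceReport | Format-List
```

For example, code 3 together with a Protectors value that lacks Tpm, or code 13 together with ProtectionStatus Off, confirms the cause directly on the client.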


