-1

I have a script for bitlocker encryption that encrypts system drive. now my management wants to include all other data drives.

Now, I'm having a hard time creating a for loop because drives is not displaying. so assigned variables are not able to run properly on commands a throw.

I wanted to do a for loop to check all data drives except external drives and usb using

wmic logicaldisk where "drivetype=3" get deviceid /format:list

but I'm quite having a hard time. I have put my modified script that is not working yet below.

If you think what I have is a spaghetti code, please help me modify. maybe you have other efficient way.

@echo off

setlocal enabledelayedexpansion

for /F "skip=1 tokens=2 delims=:" %%L in ('wmic logicaldisk where "drivetype=3" get deviceid /format:list') do (
    echo Checking drive: %%L
    for /F "tokens=3 delims= " %%A in ('manage-bde -status %%L ^| findstr "    Encryption Method:"') do (
        if "%%A"=="AES" goto EncryptionCompleted
    )
    for /F "tokens=3 delims= " %%A in ('manage-bde -status %%L ^| findstr "    Encryption Method:"') do (
        if "%%A"=="XTS-AES" goto EncryptionCompleted
    )
    for /F "tokens=3 delims= " %%A in ('manage-bde -status %%L ^| findstr "    Encryption Method:"') do (
        if "%%A"=="None" goto TPMActivate
    )
    goto ElevateAccess
)
phuclv
  • 37,963
  • 15
  • 156
  • 475
Ralphae
  • 1

1 Answers1

0

You could maybe try it something more like this:

@Echo Off
SetLocal EnableExtensions

%SystemRoot%\System32\reg.exe Query "HKU\S-1-5-19" >NUL 2>&1 || (
    Echo This must be Run as administrator.
    %SystemRoot%\System32\timeout.exe /T 5 /NoBreak 1>NUL
    Exit /B)

For /F Tokens^=6^ Delims^=^" %%G In ('%SystemRoot%\System32\wbem\WMIC.exe
 LogicalDisk Where "DriveType = 3" Get DeviceID /Format:MOF 2^>NUL'
) Do For /F "Tokens=3" %%H In ('%SystemRoot%\System32\manage-bde.exe -Status %%G
 ^| %SystemRoot%\System32\find.exe "Encryption Method:" 2^>NUL'
) Do If "%%H" == "None" (GoTo TPMActivate
) Else If Not "%%H" == "AES" If Not "%%H" == "XTS-AES" GoTo ElevateAccess

:EncryptionCompleted

Please note: This is simply a fix for your submitted code with improvements. It does not however do what I think you intended of it. Once it has parsed the first Fixed Disk it will GoTo another label and exit the loop. It will not therefore action against another disk, so if that was you intention, you'd need to perform more work yourself.

Compo
  • 36,585
  • 5
  • 27
  • 39
  • BTW, as a tip for performing the rest yourself, you need to look into the use of the `Call` command. – Compo Jun 15 '23 at 15:51