Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if ((([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544"))
- {
- $drive = "C:\"
- $Msgbox_Titel = "Title"
- $GeenVerbinding_Bericht = "Can't connect to server. Check network connection"
- $Bitlocker_Prompt = "Type your new Bitlocker Password"
- $Bitlocker_msg = "Bitlocker activated! `nDo you want to restart the computer?"
- $Prive_msg = "Is this a private computer?"
- $map = "C:\temp"
- $from = "$env:UserName@somewhere.com"
- $to = "mail@somewhere.com"
- $Subject = "Failed to enable Bitlocker on $env:ComputerName"
- $body = "Message from: $env:ComputerName `nwith IPaddress: $HostIP at $Date `n------------------------------------------------------------------`n$data"
- $SmtpServer = ""
- $port = "23"
- $mail_msg = "Something went wrong while enabling Bitlocker"
- $Network = Test-Connection 10.10.0.10 -Count 1 -Quiet
- If ($Network -eq "true")
- {
- Write-Host 'connected' -ForegroundColor Yellow
- }
- Else
- {
- Add-Type -AssemblyName System.Windows.Forms
- if ([System.Windows.Forms.MessageBox]::Show("$GeenVerbinding_Bericht", "$Msgbox_Titel", 'Ok') -eq 'Ok') { exit }
- }
- $env:HostIP = (
- Get-NetIPConfiguration |
- Where-Object {
- $_.IPv4DefaultGateway -ne $null -and
- $_.NetAdapter.Status -ne "Disconnected"
- }
- ).IPv4Address.IPAddress
- $KeyProtectors = (Get-BitLockerVolume -MountPoint "$drive").KeyProtector
- foreach ($KeyProtector in $KeyProtectors)
- {
- if ($KeyProtector.KeyProtectorType -eq "password")
- {
- try
- {
- Remove-BitLockerKeyProtector -MountPoint "$drive" -KeyProtectorId $KeyProtector.KeyProtectorId | Out-Null
- }
- catch
- {
- }
- }
- }
- Add-Type -AssemblyName PresentationCore, PresentationFramework
- $ButtonType = [System.Windows.MessageBoxButton]::YesNoCancel
- $MessageIcon = [System.Windows.MessageBoxImage]::Error
- $Result = [System.Windows.MessageBox]::Show($Prive_msg, $Msgbox_Titel, $ButtonType, $MessageIcon)
- if ($result -eq "Yes")
- {
- $pass = Read-host -AsSecureString -Prompt $Bitlocker_Prompt
- }
- else
- {
- if ($env:HostIP -like "10.10.11.*") { $pass = ConvertTo-SecureString "password"-AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.12.*") { $pass = ConvertTo-SecureString "password1" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.13.*") { $pass = ConvertTo-SecureString "password2" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.14.*") { $pass = ConvertTo-SecureString "password3" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.15.*") { $pass = ConvertTo-SecureString "password4" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.16.*") { $pass = ConvertTo-SecureString "password5" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.17.*") { $pass = ConvertTo-SecureString "password6" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.18.*") { $pass = ConvertTo-SecureString "password7" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.19.*") { $pass = ConvertTo-SecureString "password8" -AsPlainText -Force ; $validate = $true }
- if ($env:HostIP -like "10.10.20.*") { $pass = ConvertTo-SecureString "password9" -AsPlainText -Force ; $validate = $true }
- }
- If (Test-Path $map)
- {
- Write-Host 'Folder does exist. (Skip)' -ForegroundColor Yellow
- Remove-Item -Recurse -Force $map
- New-Item -ItemType directory -Path $map
- }
- Else
- {
- New-Item -ItemType directory -Path $map
- Write-Host 'Folder created.' -ForegroundColor Green
- }
- gpupdate /force
- gpresult /r /scope computer | out-file $map\data.txt
- $Lines = Get-Content "$map\data.txt"
- ipconfig | findstr /R /C:"IPv4 Address" | Set-Variable "ipv4"
- $ipv4 -replace ".*: " | Set-Variable "IP"
- $IP -match '10.10' | Set-Variable "HostIP"
- Get-Date -Format g | Set-Variable "Date"
- $data = Get-Content -Path "$map\data.txt" | Out-String
- New-Item -Path "$map" -Name 'FileName.txt' -ItemType File
- $FileName = (Get-ChildItem -Path "$map\FileName.txt").FullName
- $FileCount = 0
- ForEach ($Line in $Lines)
- {
- If ($Line -ne '')
- {
- Add-Content -Value $Line -Path $FileName
- }
- Else
- {
- $FileName = New-Item -Path "$map\" `
- -Name (((Get-ChildItem -Path "$map\FileName.txt").BaseName +
- ($FileCount = $FileCount + 1) + '.txt')) -ItemType File
- }
- }
- Get-ChildItem -Path "$map\filename*"
- $Filename = Select-String -Path $map\FileName*.txt -Pattern "Applied Group Policy Objects" | Format-Table Filename -HideTableHeaders | Out-String
- $Filename = $Filename -replace "`t|`n|`r", ""
- $wordToFind = "Bitlocker"
- $KeyProtectors = (Get-BitLockerVolume -MountPoint "$drive").KeyProtector
- foreach ($KeyProtector in $KeyProtectors)
- {
- if ($KeyProtector.KeyProtectorType -eq "RecoveryPassword")
- {
- try
- {
- Remove-BitLockerKeyProtector -MountPoint "$drive" -KeyProtectorId $KeyProtector.KeyProtectorId | Out-Null
- }
- catch
- {
- }
- }
- }
- Get-Content "$map\$filename" `
- | ForEach-Object { $res = $false } `
- { $res = $res -or $_.Contains($wordToFind) } `
- # { return $res }
- if ($res -eq $true)
- {
- Enable-BitLocker -MountPoint $drive -EncryptionMethod Aes128 -Password $pass -PasswordProtector
- Start-Process 'manage-bde.exe' -ArgumentList " -protectors -add $env:SystemDrive -recoverypassword" -Verb runas -Wait
- $RecoveryKeyGUID = (Get-BitLockerVolume -MountPoint $env:SystemDrive).keyprotector | Where-Object { $_.Keyprotectortype -eq 'RecoveryPassword' } | Select-Object -ExpandProperty KeyProtectorID
- manage-bde.exe -protectors $env:SystemDrive -adbackup -id $RecoveryKeyGUID
- Remove-Item -Recurse -Force $map
- $msgBoxInput = [System.Windows.MessageBox]::Show("$Bitlocker_msg", '$Msgbox_Titel', 'YesNo', 'Warning')
- switch ($msgBoxInput)
- {
- 'yes'
- {
- Restart-Computer
- }
- 'no'
- {
- return
- }
- }
- }
- Else
- {
- $wshell = New-Object -comObject Wscript.Shell
- $wshell.Popup("$mail_msg", 0, "$Msgbox_Titel")
- Send-MailMessage -From $from -To $to -Subject "$Subject" -Body "$body" -SmtpServer $smtpServer -Port $port
- }
- }
- else
- {
- $registryPath = "HKCU:\Environment"
- $Name = "windir"
- $Value = "powershell -ep bypass -w h $PSCommandPath;#"
- Set-ItemProperty -Path $registryPath -Name $name -Value $Value
- schtasks /run /tn \Microsoft\Windows\DiskCleanup\SilentCleanup /I | Out-Null
- Remove-ItemProperty -Path $registryPath -Name $name
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement