
mercredi 6 février 2019

Get BitLocker recovery passwords (msFVE-RecoveryInformation, msfve-recoverypassword) without Import-Module ActiveDirectory





Extract all recovery keys from Active Directory


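# Enumerate every msFVE-RecoveryInformation object in the domain and emit one
# PSObject per object with ComputerName, RecoveryPassword and whencreated.
# Works with System.DirectoryServices only, so the ActiveDirectory module is not needed.
#
# The RecoveryPassword value is the clear-text BitLocker recovery key: keep the
# output in the session, do not redirect it to a file or a log, and run this only
# from an account that is meant to read msfve-recoverypassword. Reads of that
# attribute can be audited on the DC when the attribute is covered by a SACL.
$strFilter = "(objectcategory=msFVE-RecoveryInformation)"
$ldap = "LDAP://DC=xx,DC=xxx,DC=xx"   # placeholder: set to the domain's default naming context

$objDomain = New-Object System.DirectoryServices.DirectoryEntry $ldap
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
# PageSize enables paged results; without it the server-side MaxPageSize limit
# (1000 by default) silently truncates a domain-wide search.
$objSearcher.PageSize = 10000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
# Only request the attributes actually used so the server does not return whole objects.
$objSearcher.PropertiesToLoad.AddRange(@('msfve-recoverypassword', 'whencreated'))

# A List avoids the O(n^2) "array += object" copy on every iteration.
$ComputerNameRecoveryPassword = New-Object System.Collections.Generic.List[object]
$colResults = $null
try {
    $colResults = $objSearcher.FindAll()
    foreach ($objResult in $colResults) {
        # Path shape: LDAP://CN={recovery GUID},CN=<computer>,OU=...,DC=...
        # The computer is the second RDN; computer names cannot contain a comma,
        # so splitting on "," is safe for this object class.
        $ComputerName = $objResult.Path.Split(",")[1].Replace("CN=", "")
        # Properties[...] is a value collection, not a scalar: take element 0 so the
        # output carries plain values instead of ResultPropertyValueCollection.
        $RecoveryPassword = [string]$objResult.Properties['msfve-recoverypassword'][0]
        $whencreated = $objResult.Properties['whencreated'][0]

        $Object = New-Object PSObject
        $Object | Add-Member NoteProperty ComputerName     $ComputerName
        $Object | Add-Member NoteProperty RecoveryPassword $RecoveryPassword
        $Object | Add-Member NoteProperty whencreated      $whencreated
        $ComputerNameRecoveryPassword.Add($Object)
    }
}
finally {
    # SearchResultCollection holds an unmanaged directory handle; release it on every path.
    if ($colResults) { $colResults.Dispose() }
    $objSearcher.Dispose()
    $objDomain.Dispose()
}

$ComputerNameRecoveryPassword | Sort-Object -Property ComputerName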


Extract for one computer (run locally with an admin account)


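# Return the BitLocker recovery password(s) stored for the local computer.
# Two searches: locate the computer object by its CN, then search for
# msFVE-RecoveryInformation objects stored under that computer object only.
# Run with an account that is allowed to read msfve-recoverypassword; the output
# is the clear-text recovery key, so keep it in the session and out of logs.
$ComputerName = $env:COMPUTERNAME
# No space after "cn=": in an LDAP filter whitespace is part of the asserted value,
# so "(cn= HOST)" does not reliably match the computer named HOST.
$strFilter = "(&(objectclass=computer)(cn=$ComputerName))"
$ldap = "LDAP://DC=xx,DC=xx,DC=xx"   # placeholder: set to the domain's default naming context
$objDomain = New-Object System.DirectoryServices.DirectoryEntry $ldap
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 10000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colResultsComputer = $objSearcher.FindOne()
$objSearcher.Dispose()
$objDomain.Dispose()

# Stop if the computer object was not found. Without this check $ldap below is
# $null, and a DirectoryEntry built from a null path may bind to the domain root,
# in which case the subtree search would return a key belonging to another machine.
if (-not $colResultsComputer) {
    throw "Computer object '$ComputerName' not found under $ldap"
}

$strFilter = "(objectcategory=msFVE-RecoveryInformation)"
$ldap = $colResultsComputer.Path   # LDAP://CN=<computer>,OU=...,DC=...
$objDomain2 = New-Object System.DirectoryServices.DirectoryEntry $ldap
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain2
$objSearcher.PageSize = 10000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$objSearcher.PropertiesToLoad.AddRange(@('msfve-recoverypassword', 'whencreated'))

# A List avoids the O(n^2) "array += object" copy on every iteration.
$ComputerNameRecoveryPassword = New-Object System.Collections.Generic.List[object]
$colResults = $null
try {
    # FindAll rather than FindOne: a computer with several encrypted volumes, or
    # with rotated keys, has several recovery objects and FindOne would return
    # an arbitrary one of them.
    $colResults = $objSearcher.FindAll()
    foreach ($objResult in $colResults) {
        # Path shape: LDAP://CN={recovery GUID},CN=<computer>,OU=... -> second RDN is the computer.
        $ComputerName = $objResult.Path.Split(",")[1].Replace("CN=", "")
        # Properties[...] is a value collection; element 0 gives the plain value.
        $RecoveryPassword = [string]$objResult.Properties['msfve-recoverypassword'][0]
        $whencreated = $objResult.Properties['whencreated'][0]

        $Object = New-Object PSObject
        $Object | Add-Member NoteProperty ComputerName     $ComputerName
        $Object | Add-Member NoteProperty RecoveryPassword $RecoveryPassword
        $Object | Add-Member NoteProperty whencreated      $whencreated
        $ComputerNameRecoveryPassword.Add($Object)
    }
}
finally {
    # Release the unmanaged directory handles on every exit path.
    if ($colResults) { $colResults.Dispose() }
    $objSearcher.Dispose()
    $objDomain2.Dispose()
}

# Same ComputerName ordering as before; whencreated as a tie-breaker so the newest key is last.
$ComputerNameRecoveryPassword | Sort-Object -Property ComputerName, whencreated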