How do I get a specific value from a line in powershell

Question

I'm trying to get a specific value out of the manage-bde -status C: command, which returns the following: BitLocker Drive Encryption: Configuration Tool version 10.0.18362 Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Volume C: [] [OS Volume]

Size:                 237.29 GB
BitLocker Version:    None
Conversion Status:    Fully Decrypted
Percentage Encrypted: 0.0%
Encryption Method:    None
Protection Status:    Protection Off
Lock Status:          Unlocked
Identification Field: None
Key Protectors:       None Found

I'm trying to get the end of the line labelled Protection Status and return Off

I would use `Get-BitLockerVolume` instead, `manage-bde` just returns a string — I.T Delinquent, Feb 04 '20 at 09:15

score 3 · Accepted Answer · answered Feb 04 '20 at 09:17

3

As per my comment, I would use Get-BitLockerVolume instead as it returns an object which is easier to query:

Get-BitLockerVolume -MountPoint C: | Select-Object -ExpandProperty ProtectionStatus

answered Feb 04 '20 at 09:17

I.T Delinquent

2,305
2
16
33

Hi @DanielThomas, if my response answered your question please mark it as the answer :-) – I.T Delinquent Feb 04 '20 at 10:18

score 0 · Answer 2 · answered Feb 04 '20 at 09:14

If I understand correctly, you would like to check if it matches Off under Protection Status? If so, here is an ugly piece of code I did it fast, but can get you what you want:

$status = manage-bde -status C: | Select-String 'Protection'
if ($status -match 'Off'){
Write-Output $true
} else {
Write-Host $false
}

score 0 · Answer 3 · answered Nov 30 '20 at 03:39

I used something similar to the post above to determine if BitLocker had been enabled over a drive from the manufacture which will always have unknown or none in the identification field.

# Check for OEM configuration of BitLocker

$blidfield = manage-bde -status C: | Select-String 'Identification Field'
$bloemencrypted = manage-bde -status C: | Select-String 'Conversion Status'
if ($blidfield -match 'None' -or $blidfield -match 'Unknown' -and ($bloemencrypted -match 'Fully Encrypted' -or $bloemencrypted -match 'Used Space Only Encrypted')){
    Write-Log "BitLocker appears to be configured with OEM configuration, Starting to decrypt."
    manage-bde -off C:
    exit
} else {
    Write-Log "BitLocker doesn't appear to be configured with OEM configuration"
}

Please note that the line 'manage-bde -off C:' will decrypt the OS drive.

How do I get a specific value from a line in powershell

3 Answers3