After following this post I was able to detect BitLocker without admin permissions. Debugging in Visual Studio works fine, and running my program standalone is also fine. However, my program normally runs as a service, and when run as a service it always results in 0 as the BitLocker status.
Here is the code snippet of what actually gets the BitLocker state.

    using System.IO;
    using Microsoft.WindowsAPICodePack.Shell;
    using Microsoft.WindowsAPICodePack.Shell.PropertySystem;

    // Strips the trailing backslash ("C:\" -> "C:") and reads the shell property for that drive.
    public static int? GetDriveBitlocker(DriveInfo retdrive)
    {
        IShellProperty prop = ShellObject.FromParsingName(retdrive.Name.Replace(@"\", "")).Properties.GetProperty("System.Volume.BitLockerProtection");
        int? bitLocker = (prop as ShellProperty<int?>).Value;
        return bitLocker;
    }

No errors are thrown; it just results in 0 (unknown), whereas when run from VS it would be 1 (Encrypted).
A PowerShell equivalent of this is:

    (New-Object -ComObject Shell.Application).NameSpace('C:').Self.ExtendedProperty('System.Volume.BitLockerProtection')

So to easily reproduce, I created the following script:

    $var = (New-Object -ComObject Shell.Application).NameSpace('C:').Self.ExtendedProperty('System.Volume.BitLockerProtection')
    $date = Get-Date;
    $string = "the output was " + $var + " on " + $date;
    $string | Out-File -FilePath C:\Users\me\Desktop\bitlocker.txt

When run directly via PowerShell, the following is logged, which is correct:

    the output was 1 on 09/08/2022 16:33:49

However, when run from a service made to invoke the PowerShell script, it gives an incorrect result:

    the output was 0 on 09/08/2022 16:35:22