Created
September 26, 2019 12:34
-
-
Save Ioan-Popovici/e57b1eb2f4e0fc1a10e483afa643407b to your computer and use it in GitHub Desktop.
SCCM HWI Extension definitions for BitLocker Policy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //——————————————— // BitLocker Policy Definitions //——————————————— | |
| // Set default Namespace and delete the Win32Reg_BitLockerPolicy if it already exists | |
| //#PRAGMA Namespace ("\\\\.\\Root\\CIMv2\\SMS") | |
| //#PRAGMA DeleteClass ("Win32Reg_BitLockerPolicy", NOFAIL) | |
| //-- Create WMI class | |
| //- Class Qualifiers | |
| [ | |
| Description ("The Win32Reg_BitLockerPolicy class contains information about the BitLocker Policy. You can use this information for BitLocker reporting."): ToInstance, | |
| SMS_Report (TRUE), | |
| SMS_Group_Name ("BitLocker Policy"), | |
| SMS_Class_ID ("CUSTOM|BITLOCKER_POLICY|1.0"), | |
| SMS_Context_1 ("__ProviderArchitecture=32|Uint32"), | |
| SMS_Context_2 ("__RequiredArchitecture=true|Boolean") | |
| ] | |
| //- Class properties | |
| Class Win32Reg_BitLockerPolicy | |
| { | |
| [ SMS_Report (TRUE), KEY ] | |
| String KeyName; | |
| //- BitLocker General properties | |
| [ SMS_Report (TRUE) ] | |
| Uint32 ActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 ActiveDirectoryInfoToStore; | |
| [ SMS_Report (TRUE) ] | |
| String CertificateOID; | |
| [ SMS_Report (TRUE) ] | |
| String DefaultRecoveryFolderPath; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 DisableExternalDMAUnderLock; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 DisallowStandardUserPINReset; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EnableBDEWithNoTPM; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EnableNonTPM; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EncryptionMethod; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EncryptionMethodNoDiffuser; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EncryptionMethodWithXtsFdv; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EncryptionMethodWithXtsOs; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 EncryptionMethodWithXtsRdv; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 IdentificationField; | |
| [ SMS_Report (TRUE) ] | |
| String IdentificationFieldString; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 MinimumPIN; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 MorBehavior; | |
| [ SMS_Report (TRUE) ] | |
| String RecoveryKeyMessage; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RecoveryKeyMessageSource; | |
| [ SMS_Report (TRUE) ] | |
| String RecoveryKeyUrl; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RequireActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| String SecondaryIdentificationField; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 TPMAutoReseal; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseAdvancedStartup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseEnhancedPin; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UsePartialEncryptionKey; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UsePIN; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseRecoveryDrive; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseRecoveryPassword; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseTPM; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseTPMKey; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseTPMKeyPIN; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 UseTPMPIN; | |
| //- BitLocker OS Drives properties | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSActiveDirectoryInfoToStore; | |
| [ SMS_Report (TRUE) ] | |
| String OSAllowedHardwareEncryptionAlgorithms; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSAllowSecureBootForIntegrity; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSAllowSoftwareEncryptionFailover; | |
| [ SMS_Report (TRUE) ] | |
| String OSBcdAdditionalExcludedSettings; | |
| [ SMS_Report (TRUE) ] | |
| String OSBcdAdditionalSecurityCriticalSettings; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSEnablePrebootInputProtectorsOnSlates; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSEnablePreBootPinExceptionOnDECapableDevice; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSEncryptionType; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSHardwareEncryption; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSHideRecoveryPage; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSManageDRA; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSManageNKP; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSPassphrase; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSPassphraseASCIIOnly; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSPassphraseComplexity; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSPassphraseLength; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSRecovery; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSRecoveryKey; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSRecoveryPassword; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSRequireActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSRestrictHardwareEncryptionAlgorithms; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 OSUseEnhancedBcdProfile; | |
| //- BitLocker Fixed Data Drives properties | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVActiveDirectoryInfoToStore; | |
| [ SMS_Report (TRUE) ] | |
| String FDVAllowedHardwareEncryptionAlgorithms; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVAllowSoftwareEncryptionFailover; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVAllowUserCert; | |
| [ SMS_Report (TRUE) ] | |
| String FDVDiscoveryVolumeType; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVEncryptionType; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVEnforcePassphrase; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVEnforceUserCert; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVHardwareEncryption; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVHideRecoveryPage; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVManageDRA; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVNoBitLockerToGoReader; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVPassphrase; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVPassphraseComplexity; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVPassphraseLength; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVRecovery; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVRecoveryKey; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVRecoveryPassword; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVRequireActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 FDVRestrictHardwareEncryptionAlgorithms; | |
| //- BitLocker Removable Data Drives properties | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVActiveDirectoryInfoToStore; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVAllowBDE; | |
| [ SMS_Report (TRUE) ] | |
| String RDVAllowedHardwareEncryptionAlgorithms; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVAllowSoftwareEncryptionFailover; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVAllowUserCert; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVConfigureBDE; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVDenyCrossOrg; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVDisableBDE; | |
| [ SMS_Report (TRUE) ] | |
| String RDVDiscoveryVolumeType; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVEncryptionType; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVEnforcePassphrase; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVEnforceUserCert; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVHardwareEncryption; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVHideRecoveryPage; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVManageDRA; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVNoBitLockerToGoReader; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVPassphrase; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVPassphraseComplexity; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVPassphraseLength; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVRecovery; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVRecoveryKey; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVRecoveryPassword; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVRequireActiveDirectoryBackup; | |
| [ SMS_Report (TRUE) ] | |
| Uint32 RDVRestrictHardwareEncryptionAlgorithms; | |
| }; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment