Public/Functions/Unlock-MyBitLockerExternalKey.ps1
function Unlock-MyBitLockerExternalKey { [CmdletBinding()] param ( [Parameter(Position = 0, ValueFromPipelineByPropertyName)] [string[]]$Path, [Parameter(Position = 1, ValueFromPipelineByPropertyName)] [System.Management.Automation.SwitchParameter]$Recurse ) begin { #================================================= # Require Admin Rights #================================================= if ((Get-OSDGather -Property IsAdmin) -eq $false) { Write-Warning "$($MyInvocation.MyCommand) requires Admin Rights ELEVATED" Break } #================================================= # Get-Command Get-BitLockerVolume #================================================= if (-NOT (Get-Command Get-BitLockerVolume -ErrorAction Ignore)) { Write-Warning "$($MyInvocation.MyCommand) requires Get-BitLockerVolume which is not present on this system" Break } #================================================= # Test-Path #================================================= foreach ($Item in $Path) { if (-NOT (Test-Path $Item)) { Write-Warning "Unable to validate Path at $Item" Break } } #================================================= # Get-MyBitLockerKeyProtectors #================================================= $BitLockerKeyProtectors = Get-MyBitLockerKeyProtectors | Sort-Object -Property MountPoint | Where-Object {$_.LockStatus -eq 'Locked'} | Where-Object {$_.KeyProtectorType -eq 'ExternalKey'} | Select-Object * $BitLockerKeyProtectors if ($null -eq $BitLockerKeyProtectors) { Write-Warning "No BitLocker Volumes with a LockStatus of Locked could be found" Break } #================================================= } process { foreach ($BitLockerKeyProtector in $BitLockerKeyProtectors) { $ExternalKeyName = (($BitLockerKeyProtector).KeyProtectorId -replace "{" -replace "}") + ".BEK" if ($Recurse) { $RecoveryKeyPath = (Get-ChildItem -Path $Path -Force -Recurse | Where-Object {$_.Name -eq $ExternalKeyName} | Select-Object -First 1).FullName } else { $RecoveryKeyPath = (Get-ChildItem -Path $Path -Force | Where-Object {$_.Name -eq $ExternalKeyName} | Select-Object -First 1).FullName } if ($RecoveryKeyPath) { Write-Verbose "MountPoint: $($BitLockerKeyProtector.MountPoint)" -Verbose Write-Verbose "RecoveryKeyPath: $RecoveryKeyPath" -Verbose Unlock-BitLocker -MountPoint $BitLockerKeyProtector.MountPoint -RecoveryKeyPath $RecoveryKeyPath } else { Write-Warning "Unable to find a ExternalKey $ExternalKeyName" } } } end {} } |