我正在编写一个批处理脚本,将其作为计划任务在某些连接到网络的计算机上运行,以自动运行并将 BitLocker 密钥备份到安全位置。我可以将密钥很好地备份到一些文本文件中,但我想知道是否有更简洁的方法来获取信息。当前日志如下所示:
Host: SFXXXXXXXX
User: Doe, John
Timestamp: 08\26\2022 @ 16:26
BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Copyright (C) 2013 Microsoft Corporation. All rights reserved.
Volume C: [Windows]
All Key Protectors
TPM:
ID: {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
PCR Validation Profile:
0, 2, 4, 11
Numerical Password:
ID: {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
Password:
XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX
-----------------------------------------------------------------
但我宁愿放弃 TPM 详细信息,因为它们与我的需求无关。是否有一个开关或参数可用于仅获取密钥和相关设备 ID?看起来更像这样:
Host: SFXXXXXXXX
User: Doe, John
Timestamp: 08\26\2022 @ 16:26
Volume C: [Windows]
Numerical Password:
ID: {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
Password:
XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX
-----------------------------------------------------------------
格式不必与我所想的完全一致,我只是希望文件中少一些多余的内容。
答案1
manage-bde -protectors -get c: -t RecoveryPassword
这将仅显示恢复密码。