{"id":208395,"date":"2024-01-19T15:13:01","date_gmt":"2024-01-19T15:13:01","guid":{"rendered":"https:\/\/www.ninjaone.com\/script-hub\/comment-identifier-des-disques-durs-deverrouilles-et-entierement-dechiffres-powershell\/"},"modified":"2024-03-04T19:22:53","modified_gmt":"2024-03-04T19:22:53","slug":"comment-identifier-des-disques-durs-deverrouilles-et-entierement-dechiffres-powershell","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/fr\/script-hub\/comment-identifier-des-disques-durs-deverrouilles-et-entierement-dechiffres-powershell\/","title":{"rendered":"Comment identifier les disques durs d\u00e9verrouill\u00e9s et enti\u00e8rement d\u00e9chiffr\u00e9s \u00e0 l&rsquo;aide de PowerShell ?"},"content":{"rendered":"<p>Le paysage informatique en constante \u00e9volution exige de la vigilance en mati\u00e8re de s\u00e9curit\u00e9, en particulier dans le domaine de la protection des donn\u00e9es. Alors que la transformation num\u00e9rique pousse les entreprises \u00e0 s&rsquo;appuyer davantage sur les donn\u00e9es, la protection des informations sensibles devient primordiale. L&rsquo;un des aspects essentiels de la protection des donn\u00e9es est la compr\u00e9hension de l&rsquo;\u00e9tat du chiffrement des disques. Cela nous am\u00e8ne \u00e0 notre objectif principal : un script PowerShell capable <strong>d&rsquo;identifier le nombre de disques durs d\u00e9verrouill\u00e9s et enti\u00e8rement d\u00e9crypt\u00e9s.\u00a0<\/strong><\/p>\n<h2>Contexte<\/h2>\n<p>Le chiffrement des disques est depuis longtemps un pilier de la s\u00e9curit\u00e9 de l&rsquo;information, en particulier dans les entreprises o\u00f9 sont stock\u00e9s d&rsquo;importants volumes de donn\u00e9es sensibles. Les professionnels de l&rsquo;informatique et les <a href=\"https:\/\/www.ninjaone.com\/fr\/quest-ce-quun-msp\/\">fournisseurs de services g\u00e9r\u00e9s (MSP)<\/a> s&rsquo;efforcent de veiller \u00e0 ce que les disques durs restent chiffr\u00e9s afin d&#8217;emp\u00eacher tout acc\u00e8s non autoris\u00e9. Le contr\u00f4le de l&rsquo;\u00e9tat du chiffrement devient une t\u00e2che cruciale, d&rsquo;o\u00f9 la n\u00e9cessit\u00e9 d&rsquo;\u00e9laborer des scripts efficaces qui permettent de savoir quels lecteurs peuvent \u00eatre vuln\u00e9rables. Notre script r\u00e9pond \u00e0 ce besoin pr\u00e9cis.<\/p>\n<h2>Le script<\/h2>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">#Requires -Version 2.0\r\n\r\n&lt;#\r\n.SYNOPSIS\r\n    Returns the number of drives in the Unlocked and FullyDecrypted state.\r\n.DESCRIPTION\r\n    Returns the number of drives in the Unlocked and FullyDecrypted state.\r\n.EXAMPLE\r\n    No parameters needed.\r\n.EXAMPLE\r\n    PS C:&gt; Get-UnencryptedDiskCount.ps1\r\n    No Parameters needed\r\n.OUTPUTS\r\n    int\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 7, Windows Server 2012\r\n    Uses manage-bde.exe or Get-BitLockerVolume depending on the version of PowerShell\r\n    Release Notes:\r\n    Initial Release\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.COMPONENT\r\n    Misc\r\n#&gt;\r\n\r\n[CmdletBinding()]\r\nparam ()\r\n\r\nbegin {\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        if ($p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator))\r\n        { Write-Output $true }\r\n        else\r\n        { Write-Output $false }\r\n    }\r\n    function Get-DriveLetter {\r\n        param()\r\n        Get-Disk | Where-Object { $_.bustype -ne 'USB' } | Get-Partition | Where-Object { $_.DriveLetter } | Select-Object -ExpandProperty DriveLetter\r\n    }\r\n    function Invoke-ManageBDE {\r\n        [CmdletBinding()]\r\n        param ()\r\n        # Check if manage-bde.exe is available\r\n        if ((Get-Command -Name \"manage-bde.exe\" -ErrorAction SilentlyContinue)) {\r\n            # Get physical drives\r\n            Get-DriveLetter | ForEach-Object {\r\n                $DriveLetter = $_\r\n                $ReturnObj = [PSCustomObject]@{\r\n                    MountPoint = \"$_`:\"\r\n                }\r\n                # Get data from manage-bde.exe and convert the text to objects for easier processing \r\n                (manage-bde.exe -status \"$_`:\") -split \"`n\" | Where-Object { $_ -like \"*:*\" } | ForEach-Object {\r\n                    $First = ($_ -split \":\")[0].Trim() -replace ' '\r\n                    $Last = ($_ -split \":\")[1].Trim() -replace ' '\r\n                    if ($First -notlike \"Name\" -and $First -notlike \"BitLocker Drive Encryption\" -and $First -notlike \"Volume $DriveLetter\") {\r\n                        if ($First -like \"ConversionStatus\") {\r\n                            # Renames ConversionStatus to VolumeStatus to match Get-BitLockerVolume's output\r\n                            $ReturnObj | Add-Member -MemberType NoteProperty -Name \"VolumeStatus\" -Value $Last\r\n                        }\r\n                        else {\r\n                            $ReturnObj | Add-Member -MemberType NoteProperty -Name $First -Value $Last\r\n                        }\r\n                    }\r\n                }\r\n                $ReturnObj\r\n            } | Select-Object MountPoint, LockStatus, VolumeStatus\r\n        }\r\n        else {\r\n            Write-Host \"Windows Feature BitLocker is not install.\"\r\n            Write-Output 0\r\n        }\r\n    }\r\n}\r\nprocess {\r\n    if (-not (Test-IsElevated)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n    $Result = if ($PSVersionTable.PSVersion.Major -le 4) {\r\n        Invoke-ManageBDE\r\n    }\r\n    else {\r\n        try {\r\n            Get-DriveLetter | Get-BitLockerVolume | Select-Object MountPoint, LockStatus, VolumeStatus\r\n        }\r\n        catch {\r\n            Write-Output \"Falling back on manage-bde.exe\"\r\n            Invoke-ManageBDE\r\n        }\r\n    }\r\n    $UnencryptedDisks = if ($Result) {\r\n        (($Result | Where-Object { \"Unlocked\" -like $_.LockStatus -and \"FullyDecrypted\" -like $_.VolumeStatus }).LockStatus).Count\r\n    }\r\n    else {\r\n        (Get-DriveLetter).Count\r\n    }\r\n    \r\n    # Return a count of Unlocked drives\r\n    Write-Host \"Unencrypted Disk Count: $UnencryptedDisks\"\r\n    # Return an exit code of 2 if more than 1 disk is unencrypted\r\n    if ($UnencryptedDisks -gt 0) {\r\n        exit 2\r\n    }\r\n    exit 0\r\n}\r\nend {}<\/pre>\n<p>&nbsp;<\/p>\n\n<div class=\"in-context-cta\"><p style=\"text-align: center;\">Acc\u00e9dez \u00e0 plus de 700 scripts dans le Dojo NinjaOne<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/www.ninjaone.com\/fr\/phase-de-test-gratuit\/\">Obtenez l&rsquo;acc\u00e8s<\/a><\/p>\n<\/div>\n<h2>Description d\u00e9taill\u00e9e<\/h2>\n<p>Le script est structur\u00e9 de mani\u00e8re m\u00e9ticuleuse afin de fournir un d\u00e9compte des disques non chiffr\u00e9s. Voici comment il atteint son objectif :<\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>V\u00e9rification de l&rsquo;\u00e9l\u00e9vation :<\/strong> Initialement, le script s&rsquo;assure qu&rsquo;il s&rsquo;ex\u00e9cute avec les droits d&rsquo;administrateur. Il peut ainsi acc\u00e9der sans restriction aux informations n\u00e9cessaires sur le disque.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><strong>R\u00e9cup\u00e9ration de lettres de lecteur :<\/strong> Le script r\u00e9cup\u00e8re les lettres de lecteur de tous les lecteurs non connect\u00e9s en USB.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><strong>\u00c9tat du chiffrement :<\/strong> En fonction de la version de PowerShell et de la disponibilit\u00e9 d&rsquo;utilitaires sp\u00e9cifiques, le script v\u00e9rifie l&rsquo;\u00e9tat du chiffrement via manage-bde.exe ou Get-BitLockerVolume.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><strong>Rassemblement et affichage des r\u00e9sultats :<\/strong> Le script compte le nombre de lecteurs d\u00e9verrouill\u00e9s et enti\u00e8rement d\u00e9chiffr\u00e9s, puis affiche le r\u00e9sultat.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><strong>Codes de sortie :<\/strong> Il propose des codes de sortie pour indiquer le r\u00e9sultat. Un code de sortie de \u00ab\u00a02\u00a0\u00bb signifie qu&rsquo;il y a plus d&rsquo;un disque non chiffr\u00e9, tandis que \u00ab\u00a00\u00a0\u00bb indique que tout va bien.<\/li>\n<\/ul>\n<h2>Cas d&rsquo;utilisation potentiels<\/h2>\n<p>Imaginez un professionnel de l&rsquo;informatique, Alex, qui travaille pour une entreprise de soins de sant\u00e9 poss\u00e9dant des centaines d&rsquo;ordinateurs. Chaque appareil contient des donn\u00e9es sensibles sur les patients, ce qui rend le chiffrement crucial. P\u00e9riodiquement, Alex doit s&rsquo;assurer que les lecteurs de chaque machine sont chiffr\u00e9s. \u00c0 l&rsquo;aide de ce script, il peut collecter efficacement des donn\u00e9es, ce qui lui permet de rem\u00e9dier rapidement aux vuln\u00e9rabilit\u00e9s potentielles.<\/p>\n<h2>Comparaisons<\/h2>\n<p>Bien qu&rsquo;il existe d&rsquo;autres m\u00e9thodes, comme des solutions logicielles tierces qui offrent une surveillance du chiffrement des disques, notre script se distingue par sa simplicit\u00e9 et son int\u00e9gration directe avec les utilitaires Windows natifs. Alors que de nombreuses solutions n\u00e9cessitent des frais d&rsquo;installation ou de licence prolong\u00e9s, ce script PowerShell est l\u00e9ger, rentable et peut \u00eatre ex\u00e9cut\u00e9 instantan\u00e9ment.<\/p>\n<h2>FAQ<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Ai-je besoin de droits d&rsquo;administrateur pour ex\u00e9cuter ce script ?<\/strong><br \/>\nOui, vous devez l&rsquo;ex\u00e9cuter avec des privil\u00e8ges d&rsquo;administrateur pour obtenir des r\u00e9sultats pr\u00e9cis.<\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Le script fonctionne-t-il sur toutes les versions de Windows ?<\/strong><br \/>\nIl prend en charge Windows 7 et les versions plus r\u00e9centes, ainsi que Windows Server 2012.<\/li>\n<\/ul>\n<h2>Implications<\/h2>\n<p>Bien que le script est un outil formidable, il est essentiel d&rsquo;en comprendre les r\u00e9sultats. Les disques non chiffr\u00e9s dans un environnement d&rsquo;entreprise peuvent entra\u00eener des violations de donn\u00e9es. Ainsi, le texte ne se contente pas d&rsquo;informer, il constitue un syst\u00e8me d&rsquo;alerte pr\u00e9coce.<\/p>\n<h2>Recommandations<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Ex\u00e9cutez toujours le script p\u00e9riodiquement, en particulier apr\u00e8s l&rsquo;introduction de nouveaux lecteurs ou syst\u00e8mes dans votre r\u00e9seau.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Int\u00e9grez ses r\u00e9sultats \u00e0 d&rsquo;autres outils de surveillance pour obtenir un tableau de bord complet de la s\u00e9curit\u00e9.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Envisagez une automatisation qui alerte imm\u00e9diatement le personnel informatique en cas de d\u00e9tection d&rsquo;un disque non chiffr\u00e9.<\/li>\n<\/ul>\n<h2>Conclusions<\/h2>\n<p>Dans le contexte du chiffrement des disques, un outil qui fournit des informations comme notre script PowerShell est inestimable. Pour des plateformes comme NinjaOne, qui se concentre sur la<a href=\"https:\/\/www.ninjaone.com\/fr\/\"> gestion informatique int\u00e9gr\u00e9e<\/a>, l&rsquo;incorporation de tels scripts peut offrir aux utilisateurs une vision plus compl\u00e8te de leur s\u00e9curit\u00e9 informatique. \u00c0 une \u00e9poque o\u00f9 les violations de donn\u00e9es sont de plus en plus fr\u00e9quentes, les outils qui peuvent offrir des informations en temps r\u00e9el sur les vuln\u00e9rabilit\u00e9s telles que les lecteurs non chiffr\u00e9s ne sont pas seulement utiles, mais essentiels.<\/p>\n","protected":false},"author":35,"featured_media":143969,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4281],"class_list":["post-208395","script_hub","type-script_hub","status-publish","has-post-thumbnail","hentry","script_hub_category-windows"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub\/208395","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/comments?post=208395"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/media\/143969"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/media?parent=208395"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/operating_system?post=208395"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/use_cases?post=208395"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}