"Access is Denied" When Running Script as System in Syncro


I’m trying to run the below script using Syncro and I get the error message, “Access is denied.” Any help would be much appreciated.

Get-BitLockerVolume | Enable-BitLocker -EncryptionMethod Aes128 -RecoveryKeyPath “path I have specified” -RecoveryKeyProtector

My guess is this an error for the machine nothing to do with Syncro. Try running the command manually on the machine and I bet you’ll get the same error which you’ll need to research to find out why.

I don’t see anything wrong with your script- unless the “path I have specified” isn’t writable by the System account. For what it’s worth- here’s ours that works great:

#TODO - MAKE SURE YOU SETUP YOUR ASSET CUSTOM FIELD CALLED “Bitlocker_Key_” for each drive as a “Text Field” on your

Syncro Device asset type. Assets → Manage Types → Syncro Device → New Field

Based on the Syncro Staff product keys script.

Import-Module $env:SyncroModule

#Creates temp directory if it does not exist
Set-Location C:
md temp
Set-Location C:\Temp

#Puts keys into text files
(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword > C:\Temp\bitlockerkeyc.txt
(Get-BitLockerVolume -MountPoint D).KeyProtector.recoverypassword > C:\Temp\bitlockerkeyd.txt

Start-Sleep -Seconds 15

#Gets keys from text files
[string] $textc = Get-Content C:\Temp\bitlockerkeyc.txt -raw
[string] $textd = Get-Content C:\Temp\bitlockerkeyd.txt -raw
[string] $texte = Get-Content C:\Temp\bitlockerkeye.txt -raw

#Adds keys to Syncro
Set-Asset-Field -Subdomain $subdomain -Name “Bitlocker_Key_C” -Value $textc
write-host “Set the custom field value to $textc”

Set-Asset-Field -Subdomain $subdomain -Name “Bitlocker_Key_D” -Value $textd
write-host “Set the custom field value to $textd”

#Removes text files with keys from PC for security
Set-Location C:\Temp
Del bitlockerkeyc.txt
Del bitlockerkeyd.txt
Del bitlockerkeye.txt

Why are you writing the value to disk and then retrieving it?

$BLKey_C = (Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword

#test for valid key here

#Save it if valid or write N/A
Set-Asset-Field -Subdomain $subdomain -Name “Bitlocker_Key_C” -Value $BLKey_C