Edit

Share via

New-CMTSStepOfflineEnableBitLocker

Module:
ConfigurationManager Module

Create a Pre-provision BitLocker step, which you can add to a task sequence.

Syntax

Default (Default) 

New-CMTSStepOfflineEnableBitLocker
    [-Disk <Int32>]
    [-Drive <String>]
    [-EnableSkipWhenTpmInvalid <Boolean>]
    [-EncryptionMethod <DiskEncryptionMethod>]
    [-Partition <Int32>]
    [-VariableName <String>]
    [-Condition <IResultObject[]>]
    [-ContinueOnError]
    [-Description <String>]
    [-Disable]
    -Name <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

This cmdlet creates a new Pre-provision BitLocker step object. Then use the Add-CMTaskSequenceStep cmdlet to add the step to a task sequence. For more information on this task sequence step, see About task sequence steps.

Note

Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.

Examples

Example 1

This example creates an object for the Pre-provision BitLocker step to encrypt the C: drive.

It then gets a task sequence object, and adds this new step to the task sequence at index 11.

$step = New-CMTSStepOfflineEnableBitLocker -Name "Pre-provision BitLocker" -Drive "C:" -EncryptionMethod AES_256 -EnableSkipWhenTpmInvalid $false

$tsNameOsd = "Default OS deployment"
$tsOsd = Get-CMTaskSequence -Name $tsNameOsd -Fast

$tsOsd | Add-CMTaskSequenceStep -Step $step -InsertStepStartIndex 11

Parameters

-Condition

Specify a condition object to use with this step. To get this object, use one of the task sequence condition cmdlets. For example, Get-CMTSStepConditionVariable.

Parameter properties

Type:

IResultObject[]

Default value:None
Supports wildcards:False
DontShow:False
Aliases:Conditions

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ContinueOnError

Add this parameter to enable the step option Continue on error. When you enable this option, if the step fails, the task sequence continues.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Description

Specify an optional description for this task sequence step.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Disable

Add this parameter to disable this task sequence step.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:DisableThisStep

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisableWildcardHandling

This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Disk

Specify the specific disk number to encrypt. Use this parameter with the -Partition parameter.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False
Aliases:DestinationDisk

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Drive

Specify the logical drive letter to encrypt. For example, C:

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:DestinationDrive

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableSkipWhenTpmInvalid

Set this parameter to true to skip this step for computers that don't have a TPM or when the TPM isn't enabled.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EncryptionMethod

Applies to version 2006 and later. Use this parameter to specify the disk encryption mode. By default or if not specified, the step continues to use the default encryption method for the OS version.

Parameter properties

Type:DiskEncryptionMethod
Default value:None
Accepted values:DoNotSpecify, AES_128, AES_256, XTS_AES128, XTS_AES256, TotalCount
Supports wildcards:False
DontShow:False
Aliases:DiskEncryptionMethod

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ForceWildcardHandling

This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Name

Specify a name for this step to identify it in the task sequence.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:StepName

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Partition

Specify the specific partition number to encrypt. Use this parameter with the -Disk parameter.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False
Aliases:DestinationPartition

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-VariableName

Specify a task sequence variable to identify the logical drive letter as the destination for BitLocker.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:DestinationVariable

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. It doesn't run the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

None

Outputs

IResultObject

Notes

For more information on this return object and its properties, see SMS_TaskSequence_OfflineEnableBitLockerAction server WMI class.