Using Google Admin APIs, how can I export the list of Company Owned Devices with Encryption (BitLocker) Status?


As part of a regular compliance task we need to verify the BitLocker Drive Encryption on all users' Windows machines.

Ideally I would like to have it in the following format, which should be easy enough to script out if I can get the data I need:

| Machine Name | Serial Number | Username | BitLocker Status | OS Version |
| --- | --- | --- | --- | --- |
| SomeMachineName | 000000000000 | [email protected] | Encrypted | Microsoft Windows 11 Professional 10.0.22635 |

I have checked the Google Admin UI / Docs and not been able to find a way to achieve this.

Additionally, Google Support suggested asking here on Stack Overflow.

Ideally what I am looking to get is a CSV of the data after it has gone through the following process:

  1. Get all active users that have logged in at least once in the last 3 months.
  2. Get all Company Owned Devices.
  3. For each device, identify the last user to log in.
  4. If device OS is not mobile (Android/iOS) / is not Windows, write to CSV with BitLocker status Unavailable (Non-Windows), with serial number, machine name, last user email, OS name and version.
  5. If device OS is Windows, get BitLocker status and write to CSV with serial number, machine name, last user email, OS name and version.
  6. Then compare the user list from step 1 with the CSV we have generated.
  7. For any user that is not in the generated CSV, check all "User Owned" devices to see if they have any Windows devices associated with them.
  8. If they do have any Windows devices, identify if any are managed by "Endpoint Verification".
  9. If there are any that are managed by "Endpoint Verification", add to the CSV, as per step 5, with a * appended to the BitLocker status.
  10. If there are no Windows devices managed by Endpoint Verification, check for any managed by GCPW and write to the CSV with Unavailable (No Managed Machine) as the BitLocker status.
  11. Lastly, for any users that are still not processed, write to a new CSV called NoManagedMachines.csv so a manual review can be done for these users.

These lists would then be stored (either on Google Drive, Confluence, etc.).
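The reconciliation in steps 1 to 11, as an added example that is not part of the original post and does not call any Google API: it runs over constructed inventory records whose layout and field names (`Device`, `agent`, `encrypted`) are hypothetical. It assumes step 4 means company-owned phones and tablets are skipped, and it reports a missing encryption state as "Unknown" rather than as encrypted.

```python
import csv
import io
from collections import namedtuple
from datetime import datetime, timedelta, timezone

# Hypothetical record layout, not the Google API schema. All data below is constructed.
Device = namedtuple("Device", "name serial os version owner last_user encrypted agent")
HEADER = ["Machine Name", "Serial Number", "Username", "BitLocker Status", "OS Version"]
MOBILE = {"ANDROID", "IOS"}
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the sample is reproducible
LAST_LOGIN = {f"{u}@example.com": NOW - timedelta(days=n) for u, n in
              [("alice", 3), ("bob", 10), ("carol", 20), ("dave", 40), ("frank", 5), ("erin", 200)]}
DEVICES = [
    Device("PC-ALICE", "SN001", "WINDOWS", "10.0.22635", "COMPANY", "alice@example.com", True, None),
    Device("MAC-BOB", "SN002", "MAC_OS", "14.4", "COMPANY", "bob@example.com", None, None),
    Device("PHONE-1", "SN003", "ANDROID", "14", "COMPANY", "alice@example.com", True, None),
    Device("PC-CAROL", "SN004", "WINDOWS", "10.0.19045", "USER", "carol@example.com", False, "ENDPOINT_VERIFICATION"),
    Device("PC-DAVE", "SN005", "WINDOWS", "10.0.22631", "USER", "dave@example.com", None, "GCPW"),
]

def status(d):  # a missing encryption state is never reported as encrypted
    return {True: "Encrypted", False: "Not Encrypted"}.get(d.encrypted, "Unknown")

def row(d, bitlocker):
    return [d.name, d.serial, d.last_user, bitlocker, f"{d.os} {d.version}"]

def build_report(devices, last_login, now=NOW):
    active = {u for u, t in last_login.items() if now - t <= timedelta(days=90)}  # step 1
    rows, covered, unmanaged = [], set(), []
    for d in devices:                                                             # steps 2-5
        if d.owner != "COMPANY" or d.os in MOBILE:
            continue
        rows.append(row(d, status(d) if d.os == "WINDOWS" else "Unavailable (Non-Windows)"))
        covered.add(d.last_user)
    for user in sorted(active - covered):                                         # steps 6-7
        own = [d for d in devices if d.owner == "USER" and d.last_user == user and d.os == "WINDOWS"]
        ev = [d for d in own if d.agent == "ENDPOINT_VERIFICATION"]
        gcpw = [d for d in own if d.agent == "GCPW"]
        if ev:                                                                    # steps 8-9
            rows += [row(d, status(d) + "*") for d in ev]
        elif gcpw:                                                                # step 10
            rows += [row(d, "Unavailable (No Managed Machine)") for d in gcpw]
        else:                                                                     # step 11
            unmanaged.append(user)
    return rows, unmanaged

def to_csv(rows):
    buf = io.StringIO()
    csv.writer(buf).writerows([HEADER, *rows])
    return buf.getvalue()
```

`build_report(DEVICES, LAST_LOGIN)` returns the main CSV rows and the user list for NoManagedMachines.csv; users outside the 3-month window are left out of both.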
