Tech Community Live: Endpoint Manager edition
Jul 21 2022, 08:00 AM - 12:00 PM (PDT)
SOLVED

WMI Win32_BitLockerEncryptionDetails crashing

%3CLINGO-SUB%20id%3D%22lingo-sub-2537290%22%20slang%3D%22en-US%22%3EWMI%20Win32_BitLockerEncryptionDetails%20crashing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2537290%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20everyone%2C%3C%2FP%3E%3CP%3EI%20have%20a%20weird%20problem%20at%20a%20customer.%3C%2FP%3E%3CP%3EThe%20following%20error%20occurs%20on%20every%20computer%20when%20trying%20to%20inventory%20this%20class.%3C%2FP%3E%3CP%3EUnknown%20error%20encountered%20processing%20an%20instance%20of%20class%20WMI%20Win32_BitLockerEncryptionDetails%3A%208004100E%3C%2FP%3E%3CP%3EThe%20only%20article%20I've%20found%20is%20this%20one%20%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdansonnenburg.github.io%2Fmbam-after-configmgr-1511-upgrade%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3EMissing%20MBAM%20WMI%20classes%20on%20client%20computers%20%E2%80%93%20Dan%20Sonnenburg%20%E2%80%93%20Platform%20Manager%20%40Organic%20Valley%3C%2FA%3E%3C%2FP%3E%3CP%3EUnfortunately%2C%20everything%20is%20correctly%20setup%20on%20the%20client%20computers%20and%20the%20configuration.mof%20file%20contains%20the%20needed%20information.%3C%2FP%3E%3CP%3EI%20don't%20understand%20what%20I%20can%20do%20about%20it.%20I've%20tried%20changing%20the%20configuration.mof%20file%20without%20any%20success.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20happens%20also%20on%20brand%20new%20mastered%20computers%20so%20it's%20a%20MECM%20problem.%3C%2FP%3E%3CP%3EDoes%20anyone%20have%20any%20idea%20I%20could%20use%20to%20solve%20this%20please%3F%3CBR%20%2F%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2537290%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECM%20current%20branch%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2537446%22%20slang%3D%22en-US%22%3ERe%3A%20WMI%20Win32_BitLockerEncryptionDetails%20crashing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2537446%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F989974%22%20target%3D%22_blank%22%3E%40Aventador06%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft-watch.com%2Fhow-to-repair-windows-wmi-error-0x8004100e%2F%23%3A~%3Atext%3DError%25208004100e%2520is%2520a%2520WMI%2520error%252C%2520also%2520known%2CWMI%2520is%2520corrupted.%2520What%2520is%2520a%2520WMI%2520Repository%253F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft-watch.com%2Fhow-to-repair-windows-wmi-error-0x8004100e%2F%23%3A~%3Atext%3DError%25208004100e%2520is%2520a%2520WMI%2520error%252C%2520also%2520known%2CWMI%2520is%2520corrupted.%2520What%2520is%2520a%2520WMI%2520Repository%253F%3C%2FA%3E%3C%2FP%3E%3CP%3EHello%26nbsp%3B%3C%2FP%3E%3CP%3Esee%20this%20article%3A%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2537462%22%20slang%3D%22en-US%22%3ERe%3A%20WMI%20Win32_BitLockerEncryptionDetails%20crashing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2537462%22%20slang%3D%22en-US%22%3EIt%20would%20be%20helpful%20for%20others%20if%20it%20will%20work%3F%3CBR%20%2F%3EGood%20luck%20Andrew%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2537560%22%20slang%3D%22en-US%22%3ERe%3A%20WMI%20Win32_BitLockerEncryptionDetails%20crashing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2537560%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20part%20where%20they%20ask%20to%20disable%20the%20firewall%20cannot%20be%20an%20option%20for%20me%20as%20the%20VPN%20will%20stop%20if%20I%20do%20this...%3CBR%20%2F%3EI%20need%20to%20check%20this%20IIS%20core%20requirement%20as%20I'm%20installing%20all%20my%20servers%20the%20same%20way%20and%20maybe%2C%20at%20this%20customer%2C%20I%20missed%20something...%3CBR%20%2F%3EThe%20mof%20recompile%20option%20can%20be%20quickly%20tested.%3CBR%20%2F%3EI'll%20let%20you%20know%20of%20course%20what%20this%20gives%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEDIT%20%3A%20nothing%20on%20the%20IIS%20side%20%2F%20mof%20recompile%20and%20WBem%20rebuilding%20didn't%20change%20the%20problem.%3C%2FP%3E%3CP%3EStill%20looking%20for%20a%20solution%20if%20you%20have%20an%20idea%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2539912%22%20slang%3D%22en-US%22%3ERe%3A%20WMI%20Win32_BitLockerEncryptionDetails%20crashing%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2539912%22%20slang%3D%22en-US%22%3EWhen%20you%20say%20everything%20correct%20on%20the%20client%2C%20does%20that%20mean%20that%20you%20have%20viewed%20the%20WMI%20class%20and%20see%20data%3F%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi everyone,

I have a weird problem at a customer.

The following error occurs on every computer when trying to inventory this class.

Unknown error encountered processing an instance of class WMI Win32_BitLockerEncryptionDetails: 8004100E

The only article I've found is this one : Missing MBAM WMI classes on client computers – Dan Sonnenburg – Platform Manager @Organic Valley

Unfortunately, everything is correctly setup on the client computers and the configuration.mof file contains the needed information.

I don't understand what I can do about it. I've tried changing the configuration.mof file without any success.

 

This happens also on brand new mastered computers so it's a MECM problem.

Does anyone have any idea I could use to solve this please?
Thanks

12 Replies
Hi,
Thanks, I'll check right away and test this on a computer
It would be helpful for others if it will work?
Good luck Andrew

The part where they ask to disable the firewall cannot be an option for me as the VPN will stop if I do this...
I need to check this IIS core requirement as I'm installing all my servers the same way and maybe, at this customer, I missed something...
The mof recompile option can be quickly tested.
I'll let you know of course what this gives

 

EDIT : nothing on the IIS side / mof recompile and WBem rebuilding didn't change the problem.

Still looking for a solution if you have an idea

When you say everything correct on the client, does that mean that you have viewed the WMI class and see data?

@Garth Jones Here's what I mean:

- WMI class is obviously loaded on the computer but there's no data

Aventador06_0-1626126718474.png

Aventador06_0-1626127444395.png

 

 

- InventoryAgent.log is throwing this error

Aventador06_1-1626126820717.png

- Configuration.mof (rename .docx) on the MECM server is OK (2103)

I don't know where to look elsewhere at this stage.

Thanks for your help

best response confirmed by Aventador06 (Occasional Contributor)
Solution
Did you look at the underlaying MBAM class for inventory? Have you check to make sure that the MBAM client has been installed?
Ho my god.....
How could I have missed this????
MBAM Client wasn't deployed :(
I completely forgot it in the process.
Thanks Garth for your guidance.

@Garth Jones 

Hey Garth, I'm facing the same issue with my HINV, but for this client, MBAM isn't used. So it can't be missing right?

screenshot_4575.jpg

This shows up no matter the BitLocker status.

I noticed that someone had created a BitLocker Management policy to test, without properly configuring all the other requirements. So it was not working... Since then V_GS_BitlockerEncryptionDetails only has 2 rows (the 2 test devices with the BitLocker Management policy) Which seem related to MBAM with what is available in the details.

screenshot_4576.jpg

I've removed the policy and did a BitLocker rollout with Intune(co-managed).

The funny thing is v_GS_ENCRYPTABLE_VOLUME does work properly, so I kind of have an idea on who's encrypted because of that. The number of reports in that table makes sense with the actual rollout of BitLocker. 

 

BitLocker-related classes are enabled in the Default Client Settings. Nothing custom in the configuration.mof.

 

that was all done with MECM 2010, but currently at 2103. I begin to wonder if because the MBAM policy was created, it kind of screwed up the standard BitLocker inventory, or simply a bug when MBAM support was added to MECM.

 

any other ideas on what could be attempted to fix this inventory issue?

Thanks!

Jonathan

 

So there Error within the inventory agent.log is saying that the WMI class does not exist or their are problem accessing it. So I would test it with wmi explorer or wbemtest.

This might mean that you need to have a MBAM policy to install the agent and therefore collect the data via mbam.

This is where I would start.

@Garth Jones Thanks, I'll try to install the MBAM agent to see the result without any management since it's offloaded to Intune already. I just wanted the extra reporting from ConfigMgr.

 

Seems the integration of MBAM broke something that was working for sure before...

The class is indeed empty, no matter the status of BitLocker, so even a manual query fails. But the class for EncryptableVolume does work fine.