Write to a custom asset field (Windows Install Date)

BitLocker keys, rotate local admin password, third-party UID etc.

Written By Mikel from Gorelo

Last updated 16 days ago

You can write to a custom asset field via scripts. This is useful for things such as BitLocker keys, rotating local admin passwords and third-party UID’s.

In this example, we'll use Windows Install Date.

Step 1: Create the custom asset field

  1. Navigate to Settings -> Assets -> Custom Fields

  2. Add custom field with the following details

    • Name: Windows Install Date

    • Variable: windowsInstallDate

Step 2: Create the script

  1. Navigate to Scripts

  2. Create a script with the following details:

    • Name: 🗝️Store-WindowsInstallDate

    • Content:

Example
# Initialize array to store all valid dates $allDates = @() # Method 1: Win32_OperatingSystem class $osInfo = Get-WmiObject Win32_OperatingSystem $installDate = $osInfo.ConvertToDateTime($osInfo.InstallDate) $allDates += $installDate Write-Host "OS Installation Date (from Win32_OperatingSystem): $($installDate.ToString('MM/dd/yyyy'))" -ForegroundColor White # Method 2: Registry installation date $registryPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion" $registryInstallDate = Get-ItemProperty -Path $registryPath | Select-Object -ExpandProperty InstallDate $registryInstallDateTime = (Get-Date "1970-01-01 00:00:00.000Z").AddSeconds($registryInstallDate) $allDates += $registryInstallDateTime Write-Host "Registry Installation Date: $($registryInstallDateTime.ToString('MM/dd/yyyy'))" -ForegroundColor White # Method 3: Earliest system restore point (with proper date parsing) try { $restorePoints = Get-ComputerRestorePoint | Sort-Object -Property CreationTime if ($restorePoints) { $earliestRestorePoint = [datetime]::ParseExact($restorePoints[0].CreationTime.ToString(), "yyyyMMddHHmmss.ffffff-000", $null) $allDates += $earliestRestorePoint Write-Host "Earliest System Restore Point: $($earliestRestorePoint.ToString('MM/dd/yyyy'))" -ForegroundColor White } } catch { Write-Host "Unable to retrieve or parse system restore points." -ForegroundColor Yellow } # Method 4: Windows.old folder date (if exists) $windowsOldPath = "$env:SystemDrive\Windows.old" if (Test-Path $windowsOldPath) { $windowsOldDate = (Get-Item $windowsOldPath).CreationTime $allDates += $windowsOldDate Write-Host "Windows.old Folder Creation Date: $($windowsOldDate.ToString('MM/dd/yyyy'))" -ForegroundColor White } # Filter out any null dates and find the oldest $validDates = $allDates | Where-Object { $_ -ne $null } $oldestDate = $validDates | Sort-Object | Select-Object -First 1 Write-Host "`nOldest detected date (likely original deployment): $($oldestDate.ToString('MM/dd/yyyy'))" -ForegroundColor Green # Format date for Gorelo (date only) $goreloDateString = Get-Date $oldestDate -Format "yyyy-MM-dd" # Set Gorelo custom field with the oldest date try { GoreloAction -SetCustomField -Name '$gorelo:asset.windowsInstallDate' -Value $goreloDateString Write-Host "Successfully updated Gorelo custom field" -ForegroundColor Green } catch { Write-Host "Error updating Gorelo custom field: $($_.Exception.Message)" -ForegroundColor Red } # Display difference between oldest and newest dates for verification $newestDate = $validDates | Sort-Object | Select-Object -Last 1 $dateDifference = New-TimeSpan -Start $oldestDate -End $newestDate Write-Host "`nDate range span: $($dateDifference.Days) days" -ForegroundColor Cyan Write-Host "Newest date found: $($newestDate.ToString('MM/dd/yyyy'))" -ForegroundColor Cyan

Step 3: Deploy the script via a policy

  1. Navigate to Policies

  2. Edit an existing policy that covers the assets you want to store BitLocker Recovery Keys for

  3. Add the '🗝️Store-WindowsInstallDate' script and set to repeat daily at your preferred time

  4. Save and Distribute the policy