Write to a custom asset field (Windows Product Key)

BitLocker keys, rotate local admin password, third-party UID etc.

Written By Mikel from Gorelo

Last updated 16 days ago

You can write to a custom asset field via scripts. This is useful for things such as BitLocker keys, rotating local admin passwords and third-party UID’s.

In this example, we'll use Windows Product Key.

Step 1: Create the custom asset field

  1. Navigate to Settings -> Assets -> Custom Fields

  2. Add custom field with the following details

    • Name: Windows Product Key

    • Variable: windowsProductKey

Step 2: Create the script

  1. Navigate to Scripts

  2. Create a script with the following details:

    • Name: 🗝️Store-WindowsProductKey

    • Content:

Example
# Get Windows Product Key and update Gorelo custom field try { # Get Windows Product Key using WMI $productKey = (Get-WmiObject -query 'select * from SoftwareLicensingService').OA3xOriginalProductKey if ([string]::IsNullOrEmpty($productKey)) { # If OA3xOriginalProductKey is empty, try getting it from registry $regPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform' $regValue = 'BackupProductKeyDefault' $productKey = (Get-ItemProperty -Path $regPath -Name $regValue -ErrorAction SilentlyContinue).$regValue } if ([string]::IsNullOrEmpty($productKey)) { # If still empty, try another registry method $regPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId" $digitalId = (Get-ItemProperty -Path $regPath).DigitalProductId # Convert Digital Product ID to Product Key $keyOffset = 52 $isWin8 = ([math]::Floor($digitalId[66] / 6) -band 1) $productKey = "" $chars = "BCDFGHJKMPQRSTVWXY2346789" for ($i = 24; $i -ge 0; $i--) { $r = 0 for ($j = 14; $j -ge 0; $j--) { $r = ($r * 256) -bxor $digitalId[$j + $keyOffset] $digitalId[$j + $keyOffset] = [math]::Floor($r / 24) $r = $r % 24 } $productKey = $chars[$r] + $productKey if (($i % 5) -eq 0 -and $i -ne 0) { $productKey = "-" + $productKey } } } if (![string]::IsNullOrEmpty($productKey)) { # Update Gorelo RMM custom field GoreloAction -SetCustomField -Name '$gorelo:asset.WindowsProductKey' -Value $productKey Write-Output "Successfully updated Windows Product Key in Gorelo" } else { Write-Error "Could not retrieve Windows Product Key" exit 1 } } catch { Write-Error "Error: $($_.Exception.Message)" exit 1 }

Step 3: Deploy the script via a policy

  1. Navigate to Policies

  2. Edit an existing policy that covers the assets you want to store the Windows Product Key for

  3. Add the '🗝️Store-WindowsProductKey' script and set to Run Once or repeat at your preferred interval

  4. Save and Distribute the policy