Showing results for 
Search instead for 
Did you mean: 

Re: Set a password per script

Jump to solution

Would this work?

initial state: disabled and no password

sadmin passwd
<type a password>

then copy "C:\Program Files\McAfee\Solidcore\passwd" file to source control (file is not yet protected).


in the automated image creation process:

initial state: disabled and no password

dont use sadmin passwd, instead:
1) sadmin solidify ...
2) copy passwd file to "C:\Program Files\McAfee\Solidcore\"
3) sadmin enable -z <password from passwd file>
4) shutdown / reboot

McAfee Employee BEllis
McAfee Employee
Report Inappropriate Content
Message 12 of 15

Re: Set a password per script

Jump to solution

Honestly if imaging. I would do the following. 


1. Install solidcore, Leave disabled 

2. Sync with EPO (verifiy managed) and verify your passwd file exists in C:\program file\mcafee\solidcore

3. Make image.

4. When system image is deployed. Send client task to enable/solidify incase missing updates or software changes after.. 

McAfee Support

Benjamin Ellis

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Set a password per script

Jump to solution

We dont use the EPO server.

We have a unified configuration tool for final settings before the product leaves the factory.

From the replies so far and my tests "sadmin enable -z <cur-pwd>" would be usable, but "sadmin passwd" not as it does not read the new password from stdin.

Is there an API (DLL) we can use to set the password and to enable? Something we can call from our tool? 

Re: Set a password per script

Jump to solution

Another related question:

The password file is not transferable, correct? I mean, setting a password in an image and then installing it to two different machines, the predefined password would still work or not?

If the computer is renamed, the password is still valid (so, the random number added to the SHA2 is not derived from the computer name), correct?

Re: Set a password per script

Jump to solution

There seem to be two solutions to the problem:


1) Generate the passwd file without sadmin.exe

The syntax of the passwd file is pretty easy. It is:
<username>:<random UUID>!<sha512(<password><random UUID>)>;
The file is stored in UTF-16 without a BOM and terminated with a L'\0'.
The file can only be written if application control is disabled.


2) Write a console wrapper to sadmin, e.g. in c++. The wrapper calling sadmin.exe shares the console input buffer with sadmin and can use the windows API WriteConsoleInput to pass the password over.


ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.