i have a virtual server running Windows Server 2003 Ent. SP2 in a VMware environment. It is THE Safeboot server and someone foolishly encrypted it . I have tried recoveries multiple times, but keep running into problems such as not being able to load the .sdb file , it says failed to load database. When i try to use sbfs the accounts i use wont work. Anyone have any ideas ? oh and it is an old 5.2.6 version
I inherited this environment and there is absolutely no documentation that will assist in this. I was hoping there might be a backdoor or admin account that all mcafee safeboot comes with.
no, there's no back door.
Let's take it step by step.
1. You say you don't have a vaild user id and password for the machine? That rules out normal recovery.
2. You are trying to use xTech? Are you 100% sure you have the valid SDB file for your server? What tool are you using (winTech, SafeTech etc), and what are the messages you are getting?
3. I'm guessing you don't have a backup of your db anywhere?
All the documentation is on kc.mcafee.com BTW.
1. We have plenty of user ids and passwords but none of them work when trying to access through sbfs.
2. we have used wintech and safetech to no avail . The original error was 0x30020018 which said we had incorrect version. so we used the wintech /safetech and after authorization we couldnt authenticate using the db because it couldnt load the DB and as i said we couldnt use sbfs.
3. no back up of the db anywhere. we tried to use an old db from the "former " backup server but those haven't synced in a couple years.
1. They would have to be assigned to this machine - only assigned users can be used to login.
2. Exctly what happened when you tried to use the .sdb file, and of course, where did you get the .sdb file from?
3. No, that would be a bad idea.
If you can't login, and you don't have the right sdb file for this machine, there's absolutely no way to recover it I'm afraid. You're in the same position as someone who stole the machine.
Did you get this problem immediately after it was encrypted, or did it work for a while (including reboots) - it's perhaps possible that there are no users assigned to the machine at all, in which case the ONLY way to recover it, is with a copy of the correct SDB file.
So, back to 2 - where did the SDB file you are using come from?
Soooo to summarize ... I am S.O.L. ?
We got the sdb from exporting it out of the "encrypted" server i mentioned using mcafee admin manager on the "backup" server.
As long as the .sdb file you exported from the backup is the right one for the machine, then there's no reason why you can't decrypt it.
When you boot your enrypted server, click recover - it will give you a DB ID and a machine ID - do these exactly match the DB id and machine ID you exported the .sdb file from on the backup?
This error comes up within the pre-boot environment? Can you confirm as I've only ever seen this error within Windows before.
You can get it by viewing the Disk Information details in either SafeTech or Wintech though - no need to load up the db etc first. Just run up either of the tools and you'll be able to access it.
Disk info looks like this - https://community.mcafee.com/servlet/JiveServlet/showImage/2-135390-3956/NoSpaceError.PNGMessage was edited by: SafeBoot on 7/11/13 1:01:16 PM EDT