We have a machine that something went horribly wrong with the install at some point. We have successfully been using an install that includes automdomain settings. All other PC's have worked fine (100+).
What we have(or what it looks like at least) is a machine that went through the install, encrypted the machine and never touched base with McAfee Endpoint Encryption manager.
Going into recovery, there are only 2 selectable options, web recovery or local recovery which we have not set anything up for either. We can't even select machine or user recovery.
I was able to find the machine ID # and it does not match up with anything in the EEM, in fact the machine ID it generated is not similar to any of our current ones. It's 0xae856e37.
What are our options? I believe the safetech boot disk would require a sbdb file from the server console, and the machine doesn't exist.
Anyone have any ideas? Thanks in advance.
this is most like an orphan machine account where the computers get lost from the DB (due to an ineffective DRP at times). My question here would be, are you able to login to the computer? I mean if yes, then you can easily use the BartPE option to:
1. Fully decrypt the laptop and then
2. Remove Safeboot from the computer.
if you are able to read the values from the disk itself, why would you need an SDB file from the server? However, if the case is that you cannot load the content from the local disk, and the laptop has crashed and is in un-usable condition, then you have no choice but to reformat the laptop
Anyway, the answer to my above questions will really depend on the approach you might have to take.
Let me know...
Well, I resolved this. I finally got a chance to look at the machine myself, and machine and user recovery were not greyed out, they weren't there period. I selected local recovery, and it listed a path to my D drive for the HPDriveEncryptionBackup.dat.
Plugged in a USB drive with the correct file and away I went.
This was kind of scary, it's like it merged the HP Protect Tools with the McAfee Endpoint Encryption. The PBA did indeed say McAfee Endpoint Encryption on it. Once I was in I started the decrypting in HP Protect Tools, then removed it, and at that point the autodmain software appeared to kick off and prompt for user password, and everything went find after that, the EEPC finished successfully then behaved as normal.
So, short story trying to encryt an encrypted hard drive isn't ideal. Of course if we knew it had been encrypted previously it would have saved some time an effort. I'm glad this worked as we had opened up a support ticket with McAfee and they told us the data was gone.