I think I know the answer, but is there any way to pre-load a user's Local Recovery Q/A pairs? Preferanbly an API that can set them but not get them? We have an Identity Management system in place that already maintains questions/answers for user self-service password reset across a number of other systems. We'd like to use EEPC Local Recovery but don't want our users to have to go through registration again. It took us 3 months to get it done the first time.
Solved! Go to Solution.
You can submit a feature modification request (FMR) via https://secure.nai.com/apps/downloads/products/product.asp
McAfee KB 60021 contains further information about the FMR process.
Thanks Fausto! I don't see EE listed in the products pull down on the page you reference. Nor even more broadly, something like Data Protection. What should I choose to ensure it's going to the right folks?
Thanks for your alert I have discussed this with the team and we are working on making our EE products available.
Meanwhile can you please open a Service Request with Support in order to have your FMR submitted ?
FaustoMessage was edited by: Fausto Oliveira on 07/12/09 04:21:06 CST
would be a very good addition to the api along with assigning a user to a machine group save having our users answer questions twice during insallation process
I have a customer who has a similar request to use Identity Manager to perform Local Recovery. Since this original post has an API been added for Local Recovery? Customer wants to be able to set Q/A from their identity management system.
I'm not sure you are talking about the right thing - local recovery, everything is done by the user on the machine - there's no server side, or web site aspect to it.
the API's already exist for something like an ID management system to generate the right recovery codes for the user.
But no, there is no API (and no plans for one) to expose the local recovery answer setting - it has to be typed and registered by the user. This is to make sure that the answers stay private between the user and the system, and are not exposed in a way someone could get access to them.
I use questions/answers to authenticate users to our service desk - it annoys users having to enter them separately and would be much better if we could fill the local recovery info using the scripting api
ah - those you can - we call these "user information fields" - they are viewable within EEM (and the recovery APIs).
it's the "Secret" local recovery questions that can't be touched - the ones involved in admin-assisted recovery, or web-assisted recovery can be handled through the API though.