cancel
Showing results for 
Search instead for 
Did you mean: 
derwick
Level 7
Report Inappropriate Content
Message 1 of 10

Some PC missing in Safeboot Encryption Manager

Hi all,

Really appreciate some help on this.

Recently, i've discovered that some PCs are missing in the Encryption Manager. These PCs are usually freshly installed with safeboot (some autoboot, some preboot).

From the sbclientlog, i can see these PC has been created in EEM: 

2011/07/25 13:28:30        Starting Endpoint Encryption for PC Client Manager (v5.2.4)

2011/07/25 13:28:30        Starting synchronization

2011/07/25 13:28:30        Connecting to database: "fde-master"

2011/07/25 13:28:30        Address= xxxxx

2011/07/25 13:28:30        Port=5555

2011/07/25 13:28:30        Authenticate=Yes

2011/07/25 13:28:34        Starting boot protection installation

2011/07/25 13:29:11        Machine name = XYZPC

2011/07/25 13:29:17        Machine is already in the database

2011/07/25 13:29:20        Machine ID=00004341

2011/07/25 13:30:48        Checking for user updates

2011/07/25 13:31:00        Adding user (ID=00000006) $autoboot$

2011/07/25 13:31:17        Checking for token data updates

2011/07/25 13:31:18        Checking for SSO updates

2011/07/25 13:31:18        Checking for Local Recovery updates

But when i serach for XYZPC in EEM, the result is empty. Therefore i cannot add user to the allow user to login Preboot!!!!

I have also try to use the movemachine command, it gives me an error:

Command = MoveMachine

ResultCode = 0xdb020000

ResultDescription = Attribute not found

Have also trie to reinstall (did not decrypt HDD, just simply install .exe again)

I am runnign out of ideas.

Please HELP!!!!!

9 Replies
SafeBoot
Level 21
Report Inappropriate Content
Message 2 of 10

Re: Some PC missing in Safeboot Encryption Manager

did you try doing a group scan to see if the machines are simply orphans?

Are the machines still syncronizing now? No errors in the logs? If so then they MUST exist in the database - get the machine ID off the pre-boot recovery screen and search for that in EEM instead of the name

derwick
Level 7
Report Inappropriate Content
Message 3 of 10

Re: Some PC missing in Safeboot Encryption Manager

i have already done that too....i do not see the PC is the orphaned group either...

search by object ID, also return empty result...

i think they should be in database too, because when i do sync from the client, no error in the log at all.

here is one sample of the log:

07/2011 8:47:29 AM Starting Endpoint Encryption for PC Client Manager (v5.2.5)
26/07/2011 8:47:31 AM Starting remote access server on port 5556
26/07/2011 8:47:31 AM Delaying initial sync for 39 minutes
26/07/2011 8:47:31 AM Applying cryption changes
26/07/2011 9:27:29 AM Starting synchronization
26/07/2011 9:27:29 AM SbFs total space = 20879360 bytes (19.91 MB)
26/07/2011 9:27:29 AM SbFs free space = 18307072 bytes (17.46 MB)
26/07/2011 9:27:29 AM Connecting to database: "fde-master"
26/07/2011 9:27:29 AM Address=fde-master
26/07/2011 9:27:29 AM Port=5555
26/07/2011 9:27:29 AM Authenticate=Yes
26/07/2011 9:27:33 AM Checking pre-boot file system for errors
26/07/2011 9:27:33 AM Volume Serial Number is 84BE-2329

26/07/2011 9:27:33 AM Windows is verifying files and folders...

26/07/2011 9:27:34 AM File and folder verification is complete.

26/07/2011 9:27:34 AM Windows has checked the file system and found no problems.

26/07/2011 9:27:34 AM
26/07/2011 9:27:34 AM    20,879,360 bytes total disk space.

26/07/2011 9:27:34 AM        75,776 bytes in 37 folders.

26/07/2011 9:27:34 AM     2,496,512 bytes in 82 files.

26/07/2011 9:27:34 AM    18,307,072 bytes available on disk.

26/07/2011 9:27:34 AM
26/07/2011 9:27:34 AM         2,048 bytes in each allocation unit.

26/07/2011 9:27:34 AM        10,195 total allocation units on disk.

26/07/2011 9:27:34 AM         8,939 allocation units available on disk.

26/07/2011 9:27:34 AM Checking for machine configuration updates
26/07/2011 9:27:43 AM Checking for user updates
26/07/2011 9:27:47 AM Checking for token data updates
26/07/2011 9:27:47 AM Checking for SSO updates
26/07/2011 9:27:48 AM Checking for Local Recovery updates
26/07/2011 9:27:48 AM Checking for hashes updates
26/07/2011 9:27:48 AM Transferring local audit information to database
26/07/2011 9:27:51 AM Checking for file updates
26/07/2011 9:28:11 AM Downloading update for file "0809.STR"
26/07/2011 9:28:20 AM Downloading update for file "0809_E.MAP"
26/07/2011 9:28:29 AM Downloading update for file "0809_OSK.XML"
26/07/2011 9:28:39 AM Downloading update for file "20409_E.MAP"
26/07/2011 9:28:48 AM Downloading update for file "20409_OSK.XML"
26/07/2011 9:28:57 AM Downloading update for file "11009_E.MAP"
26/07/2011 9:29:07 AM Downloading update for file "11009_OSK.XML"
26/07/2011 9:29:16 AM Downloading update for file "0452_OSK.XML"
26/07/2011 9:29:25 AM Downloading update for file "0452_E.MAP"
26/07/2011 9:29:34 AM Downloading update for file "10409_E.MAP"
26/07/2011 9:29:44 AM Downloading update for file "10409_OSK.XML"
26/07/2011 9:29:53 AM Downloading update for file "11809_E.MAP"
26/07/2011 9:30:03 AM Downloading update for file "11809_OSK.XML"
26/07/2011 9:30:12 AM Downloading update for file "1809_E.MAP"
26/07/2011 9:30:22 AM Downloading update for file "1809_OSK.XML"
26/07/2011 9:30:23 AM Updating file "0809.STR"
26/07/2011 9:30:23 AM Updating file "0809_E.MAP"
26/07/2011 9:30:23 AM Updating file "0809_OSK.XML"
26/07/2011 9:30:23 AM Updating file "20409_E.MAP"
26/07/2011 9:30:23 AM Updating file "20409_OSK.XML"
26/07/2011 9:30:23 AM Updating file "11009_E.MAP"
26/07/2011 9:30:23 AM Updating file "11009_OSK.XML"
26/07/2011 9:30:23 AM Updating file "0452_OSK.XML"
26/07/2011 9:30:23 AM Updating file "0452_E.MAP"
26/07/2011 9:30:23 AM Updating file "10409_E.MAP"
26/07/2011 9:30:23 AM Updating file "10409_OSK.XML"
26/07/2011 9:30:23 AM Updating file "11809_E.MAP"
26/07/2011 9:30:23 AM Updating file "11809_OSK.XML"
26/07/2011 9:30:23 AM Updating file "1809_E.MAP"
26/07/2011 9:30:23 AM Updating file "1809_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "0452_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "0452_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "0809.STR"
26/07/2011 9:30:24 AM Updating SBFS file "0809_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "0809_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "10409_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "10409_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "11009_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "11009_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "11809_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "11809_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "1809_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "1809_OSK.XML"
26/07/2011 9:30:24 AM Updating SBFS file "20409_E.MAP"
26/07/2011 9:30:24 AM Updating SBFS file "20409_OSK.XML"
26/07/2011 9:30:25 AM Applying configuration
26/07/2011 9:30:25 AM Synchronization complete
26/07/2011 9:30:25 AM Automatically synchronizing again in 180 minute(s)
26/07/2011 9:30:25 AM Applying cryption changes

SafeBoot
Level 21
Report Inappropriate Content
Message 4 of 10

Re: Some PC missing in Safeboot Encryption Manager

please attach a complete log.

Did you search for the machine ID like I suggested? If the machine is syncronizing, it MUST exist.

rbarstow
Level 10
Report Inappropriate Content
Message 5 of 10

Re: Some PC missing in Safeboot Encryption Manager

Redo your find in the db, but using one of these alternate strategies:

Look for either Network Name = xyz

or

Search for Object Name, using machinename*

Duplicate objects get created regularly, and are named "computername"0001 (and the counter may increment, depending on how many times the machine registers as a duplicate)

derwick
Level 7
Report Inappropriate Content
Message 6 of 10

Re: Some PC missing in Safeboot Encryption Manager

after rerun group scan again, i am able to pick up those PCs again.

But i got a new problem.

Some PC that installed with Safeboot, they are not able to boot up, they are displaying the error

Windows could not start because the following file is missing or corrupt: System32\Drivers\SBAlg.sys

we are able to use bartpe to decyrpt the hdd. but still get the same error.

Then we try to remove some registry

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1- 08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SafeBoot]

by reading from another thread

there's a registry im not abot to locate:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\...your path to disk instance...\4&3a739529&0&000\Control]

i am still getting the same error when boot up some machines..i have no idea what went wrong and how to resolve it..

derwick
Level 7
Report Inappropriate Content
Message 7 of 10

Re: Some PC missing in Safeboot Encryption Manager

some update on the current status:

we still failed to reboot PC even after HDD is decrypted (we use safetech and remove EEPC).

still get the missing sbalg.sys error

boot into c:\ with bartpe and replace the sbalg.sys which i got from another normal PC.

when reboot PC again, get a new error saying

Unknown hard error c000021a

i am running out of ideas...please help

my thought on this is even the HDD is decrypted, there are some safeboot remained in the C:\

you think running sbsetup.exe -uninstall will help?

please kindly advise...

SafeBoot
Level 21
Report Inappropriate Content
Message 8 of 10

Re: Some PC missing in Safeboot Encryption Manager

the error has nothing to do with encryption, it's because the driver is missing (or corrupt).

You need to remove safeboot and sbalg from currentcontrolset, controlset001 is not used unless you pick "last known good configuration" - currentcontrolset is the only one used live.

Usually you don't have to mess with the registry though, just make a copy of serial.sys and call it safeboot.sys or sbalg.sys - that should be enough. Often you can't just copy the file back because other files are also missing.

But, how did you get into this position of having these driver files removed from your machine(s)?

derwick
Level 7
Report Inappropriate Content
Message 9 of 10

Re: Some PC missing in Safeboot Encryption Manager

that's a good question, i wonder why it's not able to read the sbalg.sys as well...

all i did was install autoboot on those PCs, out of those 150 PCs i installed, most of them were OK. only 11 of them had this problem after their HDD were encrypted. And out of those 11 PCs, most of them are Dell E4200 laptop. wondering if there's a compatibility issue (they are running on ATA)?

I will try to copy the serial.sys from another PC to paste to the problem PC through bartpe, will update you how it goes later.

Re: Some PC missing in Safeboot Encryption Manager

some update on this:

no avil after replace with serial.sys, giving another error after:

Bluescreen error : "STOP 0x0000007B"

E4200 is running on SSD, think that maybe the recent...some E4200 are ok, but some are dead, corrupted many registry after the encryption...i read an article that safeboot will causing performance problem on some SSD. that really giving us a hardtime here as we cannot confirm which e4200 will die and which will not.

we have around 70 E4200 in one of our offices, confirmed 11 of them cannot be booted up after encrypted, and 2 has application problem (registry corrupted), believe those 2 will die as well after first reboot. Believe the casuality number will increase soon..

only hoping that safeboot has not corrupted the entire SSD, and it still workable after reimage...