I deployed McAfee 5.2.11 Server and my clients are Win7 x64.
I put the agent installation in MDT Task Sequence and start the encryption process during deployment. Then the deployment and encrption finishes. I log on the machine with user account and run my custom batch file to assign the current user.
Everything works fine out of login screen!!
Than I logon to McAfee then the windows boots and on the next screen it says directly "Incorrect username or password" without typing anything.!!
When i click ok I see .\Administrator in username !! But i already logged on my domain user before
I don't want to use SSO and I'm just wondering have the default windows login screen. It looks like any other credential provider grabs the logon process.
How can I get rid of this ?
I untick all the machine Windows logon properties. I'm using AD connector. I reset the SSO details but nothing happens.
I just want to use McAfee and Windows login screens seperately. but mcafee tries to logon when windows boots for the first time and I found the incorrent username password screen be default.
Can it be related to starting the encryption process during MDT deployment ?
unlikely - most commonly these problems occur because the policy is different to what you expect, so make sure you know the correct machine ID (from the pre-boot recovery screen), then make sure that is the same ID you are editing in EEM. Untick the options, and maybe even change the security warning message - then force a sync on the machine, from the tool tray icon on the machine itself. You can watch the machine sync in the status window if you like.
Then, reboot and see if the behaviour (and security message) changes.
As I say, most situations where the machine behaves differently to the policy can be explained by simple confusion as to which policy needs changing. I've even seen admin teams spend days trying to debug why machines were misbehaving, when they were editing policy in a backup db, not the live one - so best to make sure.
I'm sure about the machine ID because I can see the sync beaviour of the agent. When I change the machine options and than I reboot, I see the actions which ı ticked. (like ticking "do not dispaly username at logon")
My aim was to completed the encrytion time in deployment process. I created 3 groups like NOT Encrytpted, Encrypted,EncrytedWithUsers. In my deployment task sequence I setup te agent. and delete if it exists on database and restart than (the new record will be created) Then the bach file force syncs and move the machines to "Encrypted" (This group has $autoboot$ option enabled therefore the deployment can continiue) Then when the other apps are deploying I can see that the ecryption starts. When the deployment finishes I ran another batch to assign the current user, move the machine to EncryptedWithUsers and reset to group config.
All of my groups windows logon options is unchecked.
I think my design is looking well in paper but the only thin I couldn't handle is to login screen! I'm sure that it's related that Credential provider or something else.
I don't understand that why EEPC trying to login itself everytime windows logons. Is there any log location taht you know to troubleshoot on client machine or EEM?
What is the best practise of deploying EEPC ? I would like you to comment my design
moving a machine between groups won't change the machine policy - perhaps that's where things are going wrong? Even if the groups are controlled groups, only EEM pays attention to that - moving a machine between controlled groups with the API won't change anything.
You'd need to call "resettogroupconfig" as well.
As to your design, it's pretty common - I wrote a complete deployment engine "AutoDomain" to do all the things you are donig. It's used by most enterprise class customers.
You can get it from here.
note - there is no official McAfee support for this. It's a personal project. If you are paying for Platinum Support, they are familier with the tool, but if you are on basic Gold support you won't be able to get any help from them (as this is not a McAfee official tool).