cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
sw41
sw41
Level 9
Report Inappropriate Content
Message 1 of 5
‎02-14-2019 09:40 AM

Encryption user not able to log in to preboot

ePO 5.10, DE 7.2.5

We have setup a new PC and the policy to encrypt the drive kicked off.  Logging out of our local account and logging in to our Domain account, I can see the user for the new machine in the list of Encrypted Users in EPO.  At the PC, reboot and the domain user cannot log in to the preboot screen.  Logged in as local, logged into windows as domain, locked the screen and unlocked, opened agent status monitor and C&P and send events, see in EPO it has updated, still see the domain user in Encrypted Users, and still the domain user cannot log in to preboot.  Checked the Orion log and see "No preferred registered server for domain=".  Went into EPO > registered servers > my LDAP, verified the settings, did a successful test connect.  I am not sure where to go to register the server for our domain.

This was all working before our EPO upgrade to 5.10  Feels like I am missing something simple.

0 Kudos
Reply
4 Replies
cdinet
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 5
‎02-14-2019 09:42 AM

Re: Encryption user not able to log in to preboot

When you go into registered servers, even if you don't make a change, re-save that registration for the ldap server.  Check also the server log on epo to see if there are any errors sending user policy to the system.  Otherwise, I am going to transfer this to the encryption team since that is more their expertise.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

0 Kudos
Reply
sw41
sw41
Level 9
Report Inappropriate Content
Message 3 of 5
‎02-14-2019 10:09 AM

Re: Encryption user not able to log in to preboot

what would that error look like? which server log? 

I checked in the orion log and do not see "policy or send".

watching the logs on the client, I am geting the impression the policies and tasks are working.

I saved the LDAP settings again and no change there.

0 Kudos
Reply
cdinet
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 4 of 5
‎02-14-2019 10:48 AM

Re: Encryption user not able to log in to preboot

In the install directory for epo, under db\logs, you will see a server_servername.log file.  It would show lookup failed for ldap user.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

0 Kudos
Reply
sw41
sw41
Level 9
Report Inappropriate Content
Message 5 of 5
‎02-14-2019 12:56 PM

Re: Encryption user not able to log in to preboot

Not seeing any errors, mostly just a bunch of http:// calls.

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator