cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

How to assigned users to active MDE 7.2.9.17

Jump to solution

I installed McAfee ePO 5.10 on server, and installed MDE 7.2.9.17 on client. But  ePO Dashboards show that  MDE 7.2.9.17 "Inactive" due to "No assigned users"

What do I need to do to assign users to activate MDE?  Any help that can be provided would be greatly appreciated.

1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 11 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi @tony_cheng ,

Can you help me with the screenshots as per my previous post for encryption users page for the machine and from the User directory users section?

And kindly let us know the user name (user directory user name assigned to the machine in encryption users tab) so that it would be easy to check in the logs if this user name is getting added or not.

 

Thank you

Regards,
Jithendran S
McAfee Employee

View solution in original post

10 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi @tony_cheng ,

Thank you for writing in here.

Can you check the video below which shows how to activate MDE, I have used ALDU option under the MDE Policy -> Product Settings -> Log On tab

Or you can even assign users manually from the Encryption Users tab.

https://docs.mcafee.com/bundle/drive-encryption-7.2.0-product-guide-epolicy-orchestrator/page/GUID-4...

https://docs.mcafee.com/bundle/drive-encryption-7.2.5-installation-guide-epolicy-orchestrator/page/G...

 

 

Thank you.

Regards,
Jithendran S
McAfee Employee
Highlighted

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi Jsubbura:

    Thanks very much for your reply, I have got your means, but it's still fail. I did not set up domain server and AD. Just connect server and client  through workgroup. Whether did it cause this failure ? Does the domain server and AD must be set up ?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi @tony_cheng ,

If you are not using AD and only workgroup users, then you would need to create user accounts under EPO -> User Directory for each users and would need to add the users manually.

Kindly let me know if this is the first time for you in creating the Encryption Users under user directory?

 

If so i can help you on the same.

Thank you

Regards,
Jithendran S
McAfee Employee
Highlighted

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi jsubbura:

That's very kind of you. Yes, I did not create the Encryption users under user directory. Please help me how can i create the user under user directory ? 

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi @tony_cheng ,

Assume your workgroup machine has a windows logon username called "Tony". 

Then you can create a user directory user for your user "Tony" in the "User Directory" menu in EPO.

1) Navigate to EPO Menu -> User Management -> User Directory

2) Click on Actions -> Add User, then enter cn= Tony and Logon Name as Tony and click on Save

tony.PNG

3) Now your user directory user "Tony" is created.

alluser.PNG

 

4) Then Navigate to EPO Menu -> Data Protection -> Encryption Users, select the preset as per the below,

preset.PNG

 

5) Now find your machine name in here and select the machine name, click on Actions -> Drive encryption -> Add Users and do the below,

stepsuser.PNG

 

6) Then click on Ok again,

final.PNG

 

7) To verify if the Encryption User is added to this machine or not, Navigate to EPO Menu -> Data Protection -> Encryption Users

Now find your machine name in here and select the machine name, click on Actions -> Drive encryption -> View Users

userdirectoryuser.PNG

 

😎 Post this you can do the policy enforcement in your client machine which will add this Drive Encryption User which we created in EPO and then will start the Activation (Encryption) in the machine.

 

Thank you.

Regards,
Jithendran S
McAfee Employee
Highlighted

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi jsubbura:

    I‘m so grateful for you great help. I have added user to encryption machine follow your steps successfully.  But after i do the policy enforcement through “wake up agent”->"force complete policy and task update", Drive Encryption  in client still is "Inactive". Dashboards reason shows "No local domain users". What can i do to fix it ?😂  

 
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

@tony_cheng If possible, can you share MfeEpe.log collected from the same client machine?

Path: C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpe.log

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?
Highlighted

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

Hi JaganA:

    Below is MfeEpe.log update info:

2020-05-25 15:13:03,435 INFO EpoPlugin Reporting TargetState property as Active
2020-05-25 15:13:03,435 INFO EpoPlugin collectProperties: dispatching disk list to AgentHandler
2020-05-25 15:13:03,497 INFO EpoPlugin enforcePolicy: new policy store created (session 1590419412).
2020-05-25 15:13:03,841 INFO EpoPlugin enforcePolicy: Waiting for OptIn users (i.e. non-default UBP users) before enforcing policy.
2020-05-25 15:13:03,856 INFO EpoState == Start of policy enforcement ==
2020-05-25 15:13:03,856 INFO StatusService Policy enforcement has started
2020-05-25 15:13:03,856 INFO EpoPlugin enforceUserPolicy: Dispatching enforce policy event.
2020-05-25 15:13:03,856 INFO EpoPlugin policyHandler: handling EnforcePolicy event
2020-05-25 15:13:03,856 INFO EpoPlugin userHandler: handling AddLocalDomainUsers event
2020-05-25 15:13:03,856 INFO DomainUsers Searching for logged on local domain users.
2020-05-25 15:13:03,856 INFO EpoPlugin Reporting TargetState property as Active
2020-05-25 15:13:03,856 INFO EpoPlugin collectProperties: dispatching disk list to AgentHandler
2020-05-25 15:13:03,856 INFO DomainUsers Ignoring expired logon session for user: \\window manager\dwm-2
2020-05-25 15:13:03,872 INFO DomainUsers Ignoring expired logon session for user: \\window manager\dwm-1
2020-05-25 15:13:03,872 INFO DomainUsers Found new (unprocessed in this session) local domain user: \\window manager\dwm-2
2020-05-25 15:13:03,872 INFO DomainUsers Found new (unprocessed in this session) local domain user: \\font driver host\umfd-2
2020-05-25 15:13:03,872 INFO DomainUsers Found new (unprocessed in this session) local domain user: \\window manager\dwm-1
2020-05-25 15:13:03,872 INFO DomainUsers Found new (unprocessed in this session) local domain user: \\font driver host\umfd-1
2020-05-25 15:13:03,872 INFO EpoPlugin userHandler: dispatching EPOAddDomainUsers event to McAfee Agent
2020-05-25 15:13:03,872 INFO EpoPlugin userHandler: Note, press Send Events button in McAfee Agent to hasten delivery (see KB71865).
2020-05-25 15:13:03,872 INFO StatusService Creating Event to request data for local domain users
2020-05-25 15:13:03,982 INFO EpoPlugin enforcePolicy: skipping policy enforcement, since we already performed one within the last 20 seconds.
2020-05-25 15:13:04,060 INFO EpoPlugin enforcePolicy: Policy Enforcement is already in progress, skipping this one.
2020-05-25 15:13:04,232 INFO EpoPlugin enforcePolicy: skipping policy enforcement, since we already performed one within the last 20 seconds.
2020-05-25 15:13:04,232 INFO EpoPlugin enforcePolicy: Policy Enforcement is already in progress, skipping this one.
2020-05-25 15:13:35,606 WARNING EpoMaLpcLog Service not available
2020-05-25 15:13:35,606 INFO EpoPlugin userHandler: handling AddLocalDomainUsers response
2020-05-25 15:13:35,606 INFO StatusService Received data for local domain users
2020-05-25 15:13:35,606 WARNING EpoPlugin userHandler: local domain user (font driver host\umfd-2) could not be assigned to system.
2020-05-25 15:13:35,606 WARNING EpoPlugin userHandler: local domain user (font driver host\umfd-1) could not be assigned to system.
2020-05-25 15:13:35,606 WARNING EpoPlugin userHandler: local domain user (window manager\dwm-2) could not be assigned to system.
2020-05-25 15:13:35,606 WARNING EpoPlugin userHandler: local domain user (window manager\dwm-1) could not be assigned to system.
2020-05-25 15:13:35,606 ERROR EpoPlugin userHandler: failing policy enforcement: a logged on domain user is required for activation.
2020-05-25 15:13:35,606 INFO EpoPlugin epoAudit: dispatching audits to AgentHandler
2020-05-25 15:13:35,622 INFO EpoState == End of policy enforcement ==
2020-05-25 15:13:35,622 INFO StatusService Policy enforcement has completed
2020-05-25 15:13:35,622 ERROR StatusService Policy enforcement has failed

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 11

Re: How to assigned users to active MDE 7.2.9.17

Jump to solution

@tony_cheng Thanks for your response.

Attaching the log file instead of extracted content would lead to faster resolution.

I don't see an ePO user assignment was attempted.

Was the user created under "user directory" was assigned to the affected client machine? I don't see it in the above log.

If navigated to ePO -> Menu -> Encryption users -> select the machine -> Actions -> Drive Encryption -> View users. You should see something similar to this cn=JaganA-UC,dc=epo,dc=local

If not then the user is not assigned to the machine.

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community