cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 8

Reinstall MDE

Jump to solution

Good morning.  My service desk insists on reinstalling #mde (we have it packaged so they run that) whenever a customer calls in with PBA problems even though I've told them not to do so

I was wondering if it is something I should worry about?  We are using 7.2.8 and PBA with smart card authentication (synced to AD).  My major concern is that it could affect PBA negatively.

Any advice or information would be greatly appreciated.

1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8

Re: Reinstall MDE

Jump to solution

Hi @mlajoie ,

Thank you for the information. Yes, you are correct. 

For the below issues, administrative recovery is sufficient to fix the issue

  • token payload invalid
  • unknown user
  • too many authentication attempts
  • disabled user

Am not sure why your IT team takes the decision to re-install MDE for the above issues.

My main question is how are they re-installing MDE when they are having the above issues? They will not be able to boot into windows when they have the above issues. If they are unable to boot into windows and if they are not contacting you (EPO administrators), they can re-install MDE only after re-imaging the machine. So that was my confusion in here.

If they try to boot into OS using the admin recovery options, first they need to deactivate the MDE by decrypting the machine before uninstalling MDE and re-installing the same. So are they decrypting HDD and then re-installing MDE? 

Or if they are using the Emergency Boot options, then PBFS will be rebuilt which resolves the PBA issues, but this will not resolve the token issues, unknown user issues and other user-related issues.

 

So re-installing MDE will not help them to resolve the user issues in the PBA at all times. 

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thank you

Regards,
Jithendran S
McAfee Employee

View solution in original post

7 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: Reinstall MDE

Jump to solution

Hi @mlajoie ,

Thank you for writing in here.

Could you please let me what are the PBA problems which the users get?

And could you please let me know the re-installation steps which they are performing when the user gets the PBA problem?

Based on these info I can surely help you with the answers. 

Important Note: PBA problems can also be resolved by performing Emergency Boot operations instead of complete re-install. However, this is not the exact answer for your question 😎 Kindly help me with the above answers.

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos

Thank you.

Regards,
Jithendran S
McAfee Employee
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 8

Re: Reinstall MDE

Jump to solution

Any number of reasons that a user could be calling into the service desk:

  • token payload invalid
  • unknown user
  • too many authentication attempts
  • disabled user

The package installs

  • DE Go
  • DE
  • DE Windows

What will reinstalling DE actually accomplish and what problems can it inject (especially if DE is not having issues and the PBA problems are user based)?  WIll it not cause any harm?  I'm just trying to gather data so I can make an informed response.

I know that an emergency boot will rebuild PBFS and we do that, when appropriate.  

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8

Re: Reinstall MDE

Jump to solution

Hi @mlajoie ,

Thank you for the information. Yes, you are correct. 

For the below issues, administrative recovery is sufficient to fix the issue

  • token payload invalid
  • unknown user
  • too many authentication attempts
  • disabled user

Am not sure why your IT team takes the decision to re-install MDE for the above issues.

My main question is how are they re-installing MDE when they are having the above issues? They will not be able to boot into windows when they have the above issues. If they are unable to boot into windows and if they are not contacting you (EPO administrators), they can re-install MDE only after re-imaging the machine. So that was my confusion in here.

If they try to boot into OS using the admin recovery options, first they need to deactivate the MDE by decrypting the machine before uninstalling MDE and re-installing the same. So are they decrypting HDD and then re-installing MDE? 

Or if they are using the Emergency Boot options, then PBFS will be rebuilt which resolves the PBA issues, but this will not resolve the token issues, unknown user issues and other user-related issues.

 

So re-installing MDE will not help them to resolve the user issues in the PBA at all times. 

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thank you

Regards,
Jithendran S
McAfee Employee

View solution in original post

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 8

Re: Reinstall MDE

Jump to solution
They decided on their own. I have no idea why. I'm working to get them to stop doing it but wanted to make sure I had all the information before telling them.

They are doing admin recoveries with the user, having the user log into windows and, then, install DE. They are not decrypting and then reinstalling (!)
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 8

Re: Reinstall MDE

Jump to solution

Hi @mlajoie ,

It is not possible to uninstall and re-install MDE without deactivating the existing MDE on the client machine. 

This is no way possible 🙂 All they can do is to upgrade to a higher version. 

Anyhow if you have more questions am glad to help you on the same.

 

Thank you.

Regards,
Jithendran S
McAfee Employee
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 7 of 8

Re: Reinstall MDE

Jump to solution
Perfect. Thank you.
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 8

Re: Reinstall MDE

Jump to solution

@mlajoie  you are welcome 🙂

Regards,
Jithendran S
McAfee Employee
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community