sw41
Level 10
Message 1 of 4

Reset Token when the user has 2+ machines

If someone has 2 different computers, both encrypted with DE in the same ePO, is there a risk to running the DE: user query and resetting the User's token, or is everything OK?

3 Replies
cross
McAfee Employee
Message 2 of 4

Re: Reset Token when the user has 2+ machines

Generally speaking, any risks should be minimal, but of course I really cannot say that there are no risks for any action, related to MDE or not. For example, if the token is in a new/reset state on a system and that system is stolen before the user gets a chance to reboot and get their token set up again, then the person who stole the system may be able to use that to their advantage in gaining access to the system. Of course, there are some best practices that could be utilized to minimize that risk, like using a default password that is different than the McAfee default one, ensuring that user assignments on any given system cover only the minimum number of users necessary for that system, not using the option to "do not prompt for default password", etc.

In asking about risks, is there a specific situation that you are concerned about? 

sw41
Level 10
Message 3 of 4

Re: Reset Token when the user has 2+ machines

User has a computer (log in with pw, no smart card or fob) that will be replaced; the build team is working on the new computer and decides to reset the token in the middle of the process. Will the User's current computer not log in or have any problems arise due to this? Should we alert the user to reboot after the token is reset so they can get the new one?

cross
McAfee Employee
Message 4 of 4

Re: Reset Token when the user has 2+ machines

In this situation, if the token reset has already been completed on the ePO server, then when the current computer syncs up with ePO, it will receive that reset state. Depending upon when it was done and if the system is online and can reach ePO or an agent handler, it may have already received it. Once the reset is received, if they are not aware of the change, they will probably attempt to enter their normal password and get failure messages. Depending upon your policy settings, too many failures could cause their account to be locked.

With that in mind, I would definitely let them know that a reset was issued to their user account.

If you are so inclined, you/they can check the MfeEpe.log to see if the system has received the reset, just by looking for the keyword "reset" associated with their user in recent messages.
