cancel
Showing results for 
Search instead for 
Did you mean: 
gldnju
Level 8
Report Inappropriate Content
Message 11 of 45

Offline Activation

Jump to solution

I have an offline system for a disabled user that will never connect to an EPO server.  I need PBA to beep when performing any action in PBA.  In the policy (ePO_Policy), I checked "Enable Accessibility" and "Always enable pre-boot USB support".  When I export this policy to offline encryption and encrypt the system, it encrypts, but doesn't beep at PBA.  When testing this same policy on a system connected to EPO, it beeps in PBA.  Any ideas why it doesn't work for offline activation?  Thanks

McAfee Employee jappell
McAfee Employee
Report Inappropriate Content
Message 12 of 45

Re: Offline Activation

Jump to solution

One thing you could do is to look at the policy you are using for the offline system and open it up in notepad.

Scroll down near the bottom for a section LogonEndpointEncryption. Look for accessability and see if it is True.

- <Section name="LogOnEndPointEncryption">
  <Setting name="AddLocalDomainUsers" value="false" />
  <Setting name="AlwaysDisplayOnScreenKeyboard" value="false" />
  <Setting name="AutomaticBootExpirationDate" value="0" />
  <Setting name="AutomaticBootTPMUsage" value="0" />
  <Setting name="AutomaticBootingEnabled" value="false" />
  <Setting name="AutomaticBootingUseUTC" value="false" />
  <Setting name="DoNotDisplayPreviousUserNameAtLogOn" value="false" />
  <Setting name="EnableAccessibility" value="true" />
  <Setting name="EnableOnScreenKeyboardSupport" value="false" />
  <Setting name="GetUsernameFromToken" value="false" />
  <Setting name="HideUsernameDuringAuthentication" value="false" />
  <Setting name="InactivityTimeoutMins" value="0" />
  <Setting name="LogOnMessage" value="" />
  <Setting name="LogonManagedAutoBootEnabled" value="false" />
  <Setting name="LogonManagedAutoBootLogonAttempts" value="2" />
  <Setting name="MatchUsernameUpToAtSign" value="false" />
  <Setting name="OnlyAddLoggedOnLocalDomainUsers" value="false" />
  <Setting name="SyncExpiryDays" value="0" />
  <Setting name="UseTPM" value="0" />
  <Setting name="UsernameFieldName" value="SubjectDN" />

gldnju
Level 8
Report Inappropriate Content
Message 13 of 45

Re: Offline Activation

Jump to solution

EnableAccessibility is set to True

gldnju
Level 8
Report Inappropriate Content
Message 14 of 45

Re: Offline Activation

Jump to solution

Also since this feature didn't work they wanted to decrypt the system and put PGP on it.  I can decrypt it with DETECH, but how do you remove DEagent & DEwindows?  You can't install another product with the software still on it.

McAfee Employee jappell
McAfee Employee
Report Inappropriate Content
Message 15 of 45

Re: Offline Activation

Jump to solution

1. When you move your mouse from one field to another, do you hear a beep?

Did you look at the option: Always enable pre-boot USB support?  The pre-boot USB support
Forces the Drive Encryption Pre-Boot code to always initialize the USB stack. Then the USB audio functionality allows the visually impaired users to listen to an audio signal (spoken word) as a guidance when the user moves the cursor from one field to the next, in the Pre-Boot environment. The USB speakers and headphones can be used to listen to the audio signal.

 

Thoughts?

 

gldnju
Level 8
Report Inappropriate Content
Message 16 of 45

Re: Offline Activation

Jump to solution

I have both EnableAccessibility & AlwaysEnablePrebootUSBSupport enabled (true).  There are no beeps at pre boot.

McAfee Employee jappell
McAfee Employee
Report Inappropriate Content
Message 17 of 45

Re: Offline Activation

Jump to solution

I reread your posts and missed the answer to the question I posed. I would open a ticket and let them engage you further. Sorry I couldnt add anything for you.

Jay

Highlighted
gldnju
Level 8
Report Inappropriate Content
Message 18 of 45

Re: Offline Activation

Jump to solution

No worries, thank you for your time

gldnju
Level 8
Report Inappropriate Content
Message 19 of 45

Re: Offline Activation

Jump to solution

One more question (I promise).  Since this feature didn't work they wanted to decrypt the system and put PGP on it.  I can decrypt it with DETECH, but how do you remove DEagent & DEwindows?  You can't install another product with the software still on it.

McAfee Employee jappell
McAfee Employee
Report Inappropriate Content
Message 20 of 45

Re: Offline Activation

Jump to solution

Since it has a McAfee Agent on it  but on an island, detech it or use the standalone recovery tools and when you get it back to the desktop, join it back into the domain. It will join your ePO server. Place it in an isolated group and remove the software. Make sure the policy on that container is all encryption OFF with a taks to remove the software.

That help?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community