cancel
Showing results for 
Search instead for 
Did you mean: 
lfah2000
Level 10

Cannot add user too EEPC users

Hi,

We are using EEPO 6.0,1 and I am having a problem with my own PC.

I got encryption last week but cannot login with my own domain account.

It gives error EE050002 unknown user.

Adding my user account to the PC in ePO does not work. I can add other usesr and this works.

I had EEPC on my old PC (windows XP) and this worked fine.

Any Ideas where too look to solve this problem?

I checked the logfile (MfeEpe.log) . I can see the other accounts but not my own account.

Regards,

LFAH2000

0 Kudos
7 Replies
redbaron51
Level 9

Re: Cannot add user too EEPC users

"I checked the logfile (MfeEpe.log) . I can see the other accounts but not my own account."

How is the entry on MfeEpe.log????? Can you copy and paste a line for us.

The reason I am asking is that in my test environment I do not see a user account being added on MfeEpe.log. I am wondering how long it takes after user logs in to the machine for their account being added EEPC

Mind you I am testing EEPC 6.1

0 Kudos
lfah2000
Level 10

Re: Cannot add user too EEPC users

Hi,

You have to enable logging first:

https://kc.mcafee.com/corporate/index?page=content&id=KB67529&actp=search&viewlocale=en_US&searchid=...

2011-7-4 9:44:21,924 DEBUG MfeEpeHost From uuid = 70e77e64-14e4-467d-8d22-775dc78d7c3b From Service = MfeEpeEncryptionService To uuid = 2b2f032f-a620-11e0-800d-e02a82c9b94c To Service = MfeEpeEncryptionServiceClient Message = <element xsi:type="ns1:ESGetUpdatedUsersRsp"><sendTo serviceName="MfeEpeEncryptionServiceClient" serviceUUID="2b2f032f-a620-11e0-800d-e02a82c9b94c" xsi:type="ns1:MfeEpeAddress"></sendTo><from serviceName="MfeEpeEncryptionService" serviceUUID="70e77e64-14e4-467d-8d22-775dc78d7c3b" xsi:type="ns1:MfeEpeAddress"></from><userList xsi:type="ns1:ESUserList"><users xsi:type="ns1:ESUser"><uuid>CEBCB9509D44924CA98FA79D91B58D14</uuid><name>XXXXXXXXX</name><policy xsi:type="ns1:ESPolicy"><ident>806</ident><name>AO Userbased Policy</name><timestamp xsi:type="ns1:MfeEpeTimestamp"><milliseconds>133303219</milliseconds></timestamp><section xsi:type="ns1:ESPolicySection"><name>Authentication</name><item name="CertificateRulesQty" value="0" xsi:type="ns1:ESPolicyItem"></item><item name="CertificateUseLates

The characters <name>XXXXXXXXX</name> will note the userID

Regards,

LFAH2000

0 Kudos
redbaron51
Level 9

Re: Cannot add user too EEPC users

Hi and thanks for that...

only issue is that this is for debugging only and should be switched off after troubleshooting.

I was hoping that we could see user in the log file (MfeEpe.log) so we did not need to give help desk/support  teams access to this area of ePO and add users to computers.

cheers

0 Kudos
DLarson
Level 12

Re: Cannot add user too EEPC users

How is your EE LDAP sync task configured? I have seen this issue in the past where your account is added, but not in the format you expect. By default, the task is configured to use the "user name" attribute of Active Directory. So you would have to type in your username in this format "joe user". You are probably used to logging in with the format "juser". If this is happening, you can fix it by modifying your EE LDAP sync task to use samaccountname for the first two fields instead of the "name" or "user name" attribute that is there by default. I have documented this recommendation and all other initial configuration recommendations here: https://community.mcafee.com/blogs/danlarson/2009/11/30/unofficial-quickstart-guide-for-mcafee-eepc-...

0 Kudos
redbaron51
Level 9

Re: Cannot add user too EEPC users

Hi Larson

EE LDAP task settings configured:

username: samaccountname

display name: samaccountname

account control: useraccountcontrol

user certificate: blank

Your guide is good and I had already read it.

0 Kudos
lfah2000
Level 10

Re: Cannot add user too EEPC users

Hi,

I have no direct access to the ePO console.

I will check this. But if this was true then it should  not be possible to add other accounts?

On the client my local profile was not added either. My domain account also has a local profile.

regards,

LFAH2000

0 Kudos
redbaron51
Level 9

Re: Cannot add user too EEPC users

AFAIAK

You can add users by either going:

Menu - Data Protection - Select System - Actions - Endpoint Encryption - Add Users

or

From the Product Policy enable "Add Local domain users" and whoever logs on to the machine will be added as an EEPC user on that system

What I wanted to see from the MfeEpe.log was something like:

....adding user DOMAIN\username1

....adding user DOMAIN\username2

etc so that th esupport team did not need access to this area of ePO to check whether specific user has been added to the system.

Message was edited by: redbaron51 on 07/07/11 08:26:31 CDT
0 Kudos