Showing results for 
Search instead for 
Did you mean: 

Endpoint Encryption - Windows 7 task sequence - Remove EE MBR without changing Partition Table

Hi there

Hoping for a solution to an issue I have with rebuilding Windows 7 machines encrypted with EE 7.0.1.

Here is my scenario:

>SCCM 2012\Windows 7 task sequence

>creates 2 partitions - partition 1 (C: drive, for OS image and apps) and partition 2 (D: drive, for user data, some of it redirected)

>both partitions encrypted by EE 7.0.1

What I need is to create a 'rebuild' task sequence which formats C: and installs Windows 7/apps, but which DOESN'T touch D: or any of the data stored upon it.

I understand that EE writes to the MBR (to boot into EE before Windows) and this is where the challenge lies.

As part of the task sequence I need to strip out the EE element in the MBR WITHOUT changing in any way the partition table.

I'm testing this just now and sure enough, though the task sequence will format C: and apply theOS image and drivers, after the first reboot I get a black screen with 'EEPC has been corrupted'.

Presumably this is because the EE-altered MBR thinks C: should stll be encrypted.

Using bootsect I can reset the MBR and boot into Windows 7, the task sequence completes BUT the D: drive (though still) there has been wiped.

So what I am looking for is a McAfee tool or script which I can incorporate into a task sequence which will cleanly remove the EE element of the MBR without doing anything else.

I don't doubt there are McAfee tools/scripts which can achieve this, but it is crucial that the partition table must not be touched otherwise I lose the user data.

I'd be grateful if someone could advise me on what McAfee tools/scripts to look at.

Best regards


0 Kudos
1 Reply
Level 21

Re: Endpoint Encryption - Windows 7 task sequence - Remove EE MBR without changing Partition Table

I think this might help you understand what's going on.

What you are asking for though is going to be tricky, as the pre-boot system is stored on the boot drive. You can't just keep the EEPC MBR and expect things to work. The error you are getting means the EEPC MBR is still in place, but you deleted the pre-boot file system (by formatting CSmiley Happy - "cleanly removing the EEPC MBR" is not going to help you achieve what you are trying to do.

saying that, to achieve what you ask - "How do I cleanly remove the EEPC MBR without touching the partition table", that can be achieved by using FIXMBR.

as I say though, I don't think doing that is going to help in your ultimate goal though.

Message was edited by: SafeBoot on 11/20/13 9:16:21 AM EST
0 Kudos