cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Manual deactivation of drive encryption

Our systems group rebuilds computers over the network using SCCM.  They need a way to remove MDE first, as they don't have access to ePO.  I thought the manual removal process was just what I needed until I read that you have to deactivate the system using ePO before you can manually remove MDE.  The whole point of a manual removal process is so that you don't have to use ePO to remove the product.  What is the point in having a manual removal process when there is not a manual decryption/deactivation process to go with it?  I still need to go into ePO to decrypt and deactivate so I may as well remove it at the same time. 

If you are going to have a manual removal process, you should be able to do the whole removal, not just the second half.  Sure you can use DETECH to decrypt it, but once again you can also use it to remove the product.  Plus you have to be physically present at the system in order to run DETECH.  Without a way to manually deactivate/decrypt a system, the whole manual removal process is useless.  Either I have to go in and decrypt every system before it is rebuilt, or I have to give 40 or 50 people access to ePO and the ability to change tags and policies on systems, just so they can remove MDE for a rebuild. 

2 Replies
Highlighted

Re: Manual deactivation of drive encryption

We have had success using these tools when doing an "upgrade" (not really an upgrade) from WinXP to Win7, using Microsoft Deployment Toolkit (MDT).

McAfee KnowledgeBase - How to upgrade a Windows operating system with Drive Encryption installed

Perhaps you can use the same tools with SCCM.

Thanks.

Highlighted

Re: Manual deactivation of drive encryption

For re-imaging a machine (or upgrading the OS) you may want to look at the temporary autoboot feature. It does require it to be allowed in a policy which needs to communicate with ePO prior to using it. That may be an issues in your case.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community