My #1 McAfee guy just resigned and my #2 is on vacation for the next two weeks.
I'm in over my head, which is why I'm posting here.
I'm using EPO 4.6
I've read though a ton of postings on this forum.
I've been following this guide https://community.mcafee.com/community/business/data/epoenc/blog/2011/07/20/endpoint-encryption-for-... with the excption that I haven't done the export from V5 manager and then imported into EPO. I'm an experienced sys admin, but I'm a 2 day book learning fool when it comes to McAfee which is why I'm a little reluctant to do the import into EPO.
I have about 1,000 laptops that need to be upgraded from 5.22 to 18.104.22.1685 The users of these machines are very, very, far less than tech savy. Changing the background on the MEE login page stops them from proceeding, they don't call for help, they just stop working. It's painful.
I've manged to get the deploy mostly working the way I'd like, (eboots surpressed; security questions delayed etc) with one *MAJOR* exception. After the software agent and EEPC have been pushed and installed I get two different behaviors
(A) the first reboot after the agent and EEPC have been installed the user is presented with the 5.22 PBA screen. Sometimes their AD credentials work, sometimes they need to use the default password. The machine requires a 2nd reboot before they are presented with the EEPC PBA screen.
(B) the first reboot after the agent and EEPC have been installed the user is presented with the 22.214.171.1245 PBA screen and their AD credentials work just fine.
I'm delaying the reboot so I know the software has had a chance to complete any housekeeping task.
Why do I get scenario A happening and why do their credentials sometimes work and sometimes not? I can't predict when scenario A will happen, because of the skill level of the users impacted I'll need to hand hold every user through this upgrade. Oh, one more thing, the users are spread out across the U.S. with little or no local tech support. My security team is not staffed to provide end user support, but IT has elected me as the owner so I need to complete the upgrade.
I'm willing to execute the V5 export and import into EPO if it will fix my problem, but I'm reluctant to just try it hoping it will fix the problem, especially with my production enviornment.
Thanks for taking the time to read this post, and if you reply Thank you very, very much! I'm hoping I'm missing something obvious.
in case A, if the user is seeing the EEPC5 pre-boot then they need to be using their existing EEPC5 credentials. These may, or may not be the same as their AD creds depending on your setup and the user.
I think this might be related to you supressing the required reboots - EEPC can't switch versions without a reboot, so delaying it might be allowing EEPC5 to reactivate itself.
Take a look at the EEPC5 logs in situation A - that might give you some clues.
There is a an agreement in place between IT and the business that prevents reboots during working hours, for the group of technically challenged users, hence the delay in the reboot.
During our testing we didn't originally surpress the reboots and we still saw the same behavior. We know EEPC needs a reboot to switch versions, it's just that sometimes it requries 2 reboots and that's the real issue, if it only required one reboot everything would be manageble.