cancel
Showing results for 
Search instead for 
Did you mean: 

One system with MNE reporting "Unable to determine status"

Hi,

I have one system with BitLocker enabled and fully encrypted yet MNE is reporting back the following in ePO under Native Encryption Properties:

Status:  No Status Available

System Encryption Status:  Unable to determine Status

Bitlocker Protection Status:  Unknown

Attached are MNE logs, hoping to not have to rebuild/replace.  I've already tried uninstalling MNE > Turning off BitLocker > Clear TPM > Reinstall MNE > Re-enable BitLocker with the same end result.  Here are a few related lines from the logs:

02/07/2017 03:59:53.250 PM MNEService(2584,3648) <SYSTEM> BitLockerProtectionFunctor.Warning: BitLocker API returned a status of "Unknown" protection status from GetProtectionStatus for volume Volume{a4e3622f-a825-11e6-a48a-e4a7a0f48d45}\
02/07/2017 03:59:53.250 PM MNEService(2584,3648) <SYSTEM> BitLockerProtectionFunctor.Warning: This probably indicates that this volume is locked.
02/07/2017 03:59:53.250 PM MNEService(2584,3648) <SYSTEM> BitLockerProtectionFunctor.Warning: Therefore cannot determine overall BitLocker protection status for this system.  Setting to "Unable to determine"

2 Replies
McAfee Employee hhoang
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: One system with MNE reporting "Unable to determine status"

Your debug log actually shows the volume as protected:

02/07/2017 04:22:19.879 PM MNEService(2584,3648) <SYSTEM> BitLockerProtectionFunctor.Debug: GetProtectionStatus returned protected

02/07/2017 04:22:19.894 PM MNEService(2584,3648) <SYSTEM> BitLockerProtectionFunctor.Warning: BitLocker API returned a status of "Unknown" protection status from GetProtectionStatus for volume Volume{a4e3622f-a825-11e6-a48a-e4a7a0f48d45}\

Not sure why it is then reporting unknown after the fact.  If you run the following powershell command it will list the volume GUIDs on that system:

GWMI -namespace root\cimv2 -class win32_volume | FL -property DriveLetter, DeviceID

After you know what driver letter/ volume name to reference run the Bitlocker command line to see if the status is indeed protected:

manage-bde -status

At least based on logging it seems to be a false-negative.  Is this the only system having this problem?

Re: One system with MNE reporting "Unable to determine status"

This is indeed the only system.  I just replaced it and will re-image and see if it recurs.  If so, I'll look at possible TPM issues.

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.