This is a question which has been asked before earlier this year, but with no response, so trying again!
The Surface Pro 4 has been out for many months, yet the on screen keyboard still does not function on the pre-boot logon screen. Having enabled it in the EPO logon policy, I can see it on the screen yet the touch screen does not interact with it.
The touch mouse is also jumps around badly and it also takes several seconds for the physical keyboard attachment to respond. Eventually the keyboard and touchpad will work but it is not ideal as this prevents tablet users from logging in.
I'm using the latest version of the McAfee encryption 188.8.131.524.
I cannot work out if this is a McAfee problem or if this is a firmware issue. I am running the latest firmware (August 30th 2016 release).
Intel Security and Microsoft worked together to verify the functionality of the Surface Pro 4 and changes were applied both in the Microsoft firmware and MDE code. Please ensure you are running the current Microsoft UEFI firmware (Which appears you are) and the updated Hardware Comparability XML attached to the bottom of KB81900.
Note: After updating the HWComp XML, the system will need to be reactivated either by using the DETech Standalone disk to emergency boot the system or by decrypting and deactivating the system by deselecting the "Enable Policy" option in the Product Policy and reactivating after the system shows "Inactive" in the Drive Encryption Status Monitor.
If you are still seeing the behavior after updating the HWComp XML, please open a service request with us and we will gladly further investigate this issue.
Many thanks for the response. I can confirm we are running a much older version of the HWComp XML file. By implementing this file, is there any risk or impact to existing encrypted computers? We are nervous of making changes to the encryption product and don't know the full implication of what uploading this file will do and there is no easy way to test the impact of this change. Do you have any advice/experience?
The settings in the HWComp XML file are only applied to systems when they activate. Systems already activated will not be affected in any way by updating the XML. This is why you must deactivate and reactivate or emergency boot to apply these settings to a system.
Does the XML file get included during the creation of the offline package (when the ePO policy is exported) meaning I will have to re-create this package, or will it apply once the offline activated computer connects to the ePO server? Is there a method to add it to an offline installation?