6 Replies Latest reply on Jul 1, 2009 8:37 AM by SafeBoot

    Initial EE Password

      I have been told by one of our McAfee reps that there is a way to tell endpoint encryption to not use '12345' as the initial password, but rather synch it to an AD password. Currently the AD connector is not setup, so this may not be an option. I am wondering, is there a way to not require a pre-boot logon password until the encryption database synchronizes with the windows password?
        • 1. RE: Initial EE Password
          MEE does not syncronize with the windows password in the way you are thinking. In other words, when you create a new user in the object directory, the new object will not know what your windows or Active Directory password is.

          MEE has a default PW of 12345. once you login with that you can force a user to reset their PW to a password of their liking.

          You can optionally setup SSO (single sign on) which, once MEE has been installed, will take the windows password that you last logged in with and change your MEE password to match so they stay in sync assuming that both usernames for AD and MEE are the same.

          Using the AD Connector is a handy way to populate your object directory with usernames. It beats creating them one at a time by hand. And you can tell all users that it creates to use a different default PW other than 12345 if you want.

          "is there a way to not require a pre-boot logon password until the encryption database synchronizes with the windows password? "

          In short, no. For the SSO option to work you must first sign on with your MEE username and then, if you login to windows with the same username and but the passwords are different then your MEE password will be reset to match the windows PW. So in order for the MEE and Windows password to be in sync you must login with the MEE account with a default or temporary PW first.
          • 2. RE: Initial EE Password
            actually there is if you use the AutoDomain script.

            this will capture the users Windows Password, set it to their EEPC account, and disable Autoboot mode all in one session (as well as many other things).
            • 3. RE: Initial EE Password

              Can autoboot mode be set for one machine group in particular? In other words, if I send an installation piece to a user that checks into the database and never encrypts in that machine group, can I have that group also not prompt for a MEE password until I move the machine to its destination container?
              • 4. RE: Initial EE Password
                I guess it could - you'd have to add some logic to the script to make that test though.

                why would you want to do that though? Wouldn't you want the script to get the user creds and move them machine for you?
                • 5. RE: Initial EE Password

                  How can I get the latest and updated copy of AutoDomain script. Do I need to contact support? Is there an instruction manual which talks a little about the script "how to use it?".
                  • 6. RE: Initial EE Password
                    you can get all that from your professional services people. Support won't be able to offer it to you as it's a PS/Platinum thing.