if the policy is good on other machines, it's most likely an issue with the Aladdin RTE, or the build on this one box. What's different about this machine compared to all the others?
The RTE was previously 4.0 and the machine suddenly had issues recognizing the token at all.
Installation of 4.5 did not help, so EEPC was uninstalled and the disk decrypted.
After reinstallation the token was recognized correctly.
Now all machines have RTE 4.5 and only this problem with token recognition differentiates the machine from the others.
We've discovered a further symptom:
If the machine is locked manually, then unlocked again, it accepts locking via token removal, but only until the next reboot.
one machine behaving differently compared to all the others, and with the same policy etc?
I think it's time for a re-image.
Yeah, that'll probably help.
I'll be back if not.
Thanks for now!