8 Replies Latest reply on Jun 10, 2010 10:51 AM by peter_eepc

    Password sync

      Hi all;

       

      New to the community support, and I have a pretty bunch of questions about Endpoint Encryption for PC...

       

      Any gurus here?

       

      Okay, lets begin with: Password sync between EEPC and Novell

       

      More infos:

      I have to find a way to synchronize Novell passwords with Endpoint Encryption for PC. ANd I have to admit it, I don't know how we do that, someone can help me???

       

      Thanks in advance for the replys (if any)

       

       

      you can reply directly to this or use the email under this line

       

      email removed for your safety - all replies route there anyway - Moderator

       

       

      Message was edited by: Ex_Brit on 09/06/10 10:46:49 EDT AM
        • 1. Re: Password sync
          exbrit

          Moved provisionally from "Getting Started" to "Business > Data Protection > Encryption: EEM Managed" for better attention - Moderator

           

           

          Message was edited by: Ex_Brit on 09/06/10 10:47:04 EDT AM
          • 2. Re: Password sync

            first, what version of EEPC? It should happen regardless if your policy is set with that option enabled - it's the Windows password that gets synced though (which is usually your Novell password anyway).

             

            for more help, what version of EEPC, and what version of Windows?

            1 of 1 people found this helpful
            • 3. Re: Password sync

              Hi Safeboot;

               

              First, thanks for your answer;

               

              The answers to your questions:

               

              version of EEPC: V.5.2.4.1

              (nota: I only install that, we don't want the users do some encryption or create keys directly on the laptop. So, the policy tab in the EEPC manager was'nt here-only the users/systems/computers tab are visible).

               

              Windows version: Windows XP SPIII with the latest windows security updates (distributed frequently via zen 7.0);

               

               

              Rejean Houle

              • 4. Re: Password sync

                Well, the pre-boot password should change when the user does a ctrl-alt-del password change in Windows, as long as you have the EEM machine general "Windows Login" properties set to enable this (tick them all if in any doubt).

                 

                Best thing for you to do is go back to your McAfee reseller and get some implementation support I think.

                1 of 1 people found this helpful
                • 5. Re: Password sync

                  Hi Safeboot;

                   

                  This is the tricky part of the process. The password change is initiated by Novell (the users never do ctrl-alt-del to change their password, they are asked to do that at each 60 days). Sure, we can do ctrl-alt del to change the password, but the change is do with Novell UI, not windows.

                   

                  Okay, I go with what I think... Lemme see if this is logical;

                   

                  The laptop is encrypted (HD totally encrypted). The user have to enter 2 passwords at boot. One for EEPC and the other for Novell. When Novell asks to change the users password, these new credentials are passed at windows who accept the new ones. If SSO in EEPC is enabled, he trap the new credentials form windows, passes them to the EEPC manager and so, at next sync from the laptop (or from the manager to the laptop) the credentials are adjusted and all of them (EEPC/Novell/Windows) are adjusted...

                   

                  Is it Right?

                   

                  If my logic is correct, how can I do the sync?

                  Can I do that sync by importing users via an AD Connector?

                   

                  Thank you Safeboot for your answers. Any of them are valuable if I can set this thing up and running.

                   

                  R.Houle

                  • 6. Re: Password sync

                    EEM AD connector manipulates only user accounts (names, create/enable/disable/delete) but not passwords.

                     

                     

                    on 6/10/10 10:33:54 AM EDT
                    1 of 1 people found this helpful
                    • 7. Re: Password sync

                      Hi Peter EEPC;

                       

                      Okay, I see your email and see that I am on the wrong way...

                       

                      So there is another way to achieve that synchronization?

                       

                      I read practically all the documents that comes with the sources, find somes cues about SSO, AD/LDAP Connectors and other stuff. From this litterature, I write a 40 pages document concerning the 8 steps to install manager/creating the DB/Adding administrative users/single users/creating install sets. Too, I do powerpoints to explain the recovery methods (sorry, all in french).

                       

                      If you want, I can attach the 40 pages document I joined to a post, maybe you can see things I don't see (but be aware, it's all in french)...

                       

                      thanx for your answer, I really want that to work because I think McAfee is the right solution for our business, I already test E-Po with viruscan and antispyware and the integration of that in our environment comes in a snap.

                       

                      R.Houle

                      • 8. Re: Password sync

                        I'm afraid I won't be able to peer review your doc in french.

                         

                        As for SSO details, did you read "Windows Sign-on and SSO" from "Endpoint Encryption for PC Administration Guide.pdf"? It explains a lot.