3 Replies Latest reply on Aug 12, 2011 6:39 AM by ArnsteinLangnes

    Problem recovering a machine with "require Endpoint encryption" enabled

    ArnsteinLangnes

      Hei.

      We have EEPC 5.2.9

      in Machine Properties - General -  Options,  all options are enabled.

      I do have issues when trying to run a Machine recovery here, since the initial preboot recover ends up in EEPC logon after windows has started.

      Here I have tried all possible recovery possibilities both in EEM and WEB Helpdesk  to bypass the EEPC logon box here and be presented with some windows logon possibilities.

      The first message after doing challenge response code if "recovery succesful" , but then a error message : 0xe0000000 -  User aborted

       

      Anybody with experience if this even is possible?

      Is it not possible to do a helpdesk assisted Machine recovery on a W7 klient with EEPC logon and full SSO?

      Any workaround option here?

       

      Regards.

        • 1. Re: Problem recovering a machine with "require Endpoint encryption" enabled
          ArnsteinLangnes

          I have got a feedback from McAfee support (FIrst level I think) that this is not possible to accomplish.

          Meaning if you use SSO, there is no way to run a complete recovery and be able to start the machine without having a known username is the SBFS on the machine??

          Solution is to disable SSO on this machine from the Management console. (the Disable SSO button in recovery screen have no effect)

          Then if you have a VPN access with user initiatet connection, this is not possible to do since we are unable to get into the windows GUI..

           

          If anybody have any ideas I would be pleased..

          • 2. Re: Problem recovering a machine with "require Endpoint encryption" enabled
            rbdudani

            to perform recovery either you should have username & password for safeboot or .sdb file from SB console


            if you are owner of the machine and if you are able to login to safeboot screen on your system you can perform recvoery with the help of safetech adn wintech.. ( i dont think disabling of sso from EEM is require)

            • 3. Re: Problem recovering a machine with "require Endpoint encryption" enabled
              ArnsteinLangnes

              I did not mean Safetech/Wintech recovery her. Only Helpdesk assisted challenge respons recovery.

              Computer does not have the username in SBFS, and he want to be able to get to the windows login to open the VPN and get the "new user" synced down to this machine.

              The main issue is that if you have SSO enabled, there is no way that we can get to the windows logon.. All possible options ends in a error message..

              I can not sync until I am back into the Office network, and hope that the "new user" will be synced in background and then be able to log on with this new user at next boot.

              Or deactivate SSO on the machine in the policy, sync this to the PC and boot again.. Both theese options mean that I will need to be connected to the Office LAN..

               

              Possibly we could use a "recoveruser" with a unknown password with no corresponding windows user. Then we might be able to recover using this user, and then since no SSO is attached be able to get to the Windows logon??

               

              Other suggestions ?