4 Replies Latest reply on Jun 21, 2011 4:23 AM by oltimator

    Endpoint Encryption 6.1 - Inactive - User data is missing?

      Hello!

       

       

      The Issuse:

      I can't activate EEPC on this Machine! (see Log-File below)

       

       

      The EEPC System Status console shows the following while the process begins:

      1. event "Get all users" created

      2. creating PreeBoot Filesystem

      3. sending Keys to ePO

      4. sending Keys OK

      5. activation aborted.

       

      Whats the Problem here?

      Here is a User with Similar Issuse! But no Answer... See Post https://community.mcafee.com/message/190495#190495

       

      Some System Informations:

      Following Software: ePO4.6, EEPC 6.1.0.248, EEAgent 1.1.0.248, Agent Version 4.5.0.1852

       

      Windows XP SP3 Workstation

      (previous EEPC 6.02 and EEAgent uninstalled).

      Installation of EEPC 6.10.248 / EEAgent 1.1.0.248 via Task successfully!

      Firewall is off, no HIPS Module.

       

      In ePO: Encryption User assigned to Workstation succesfully!

      All necessary Policies and Servertasks (EEPC-LDAP-Sync) created and enforced (Wakeup Agent with execute of all Tasks). No Use of Client Certificates!

      The McAfee Agent works with no Errors - (i.E. DAT Files are updated correctly).

       

      I've tried the following Things:

       

      KB68602 - Ensure that the user is entered in the format NTDomain\username.  OK!

      KB68410 - Verify all Level Checks OK!

       

      Uninstalled, reboot and reinstalled EEPC on the machine OK!

       

       

      many greetings and thanks for helping

       

       

      ----------------

       

       

      Here the XP-Machine Log File MfeEpe.log:

       

      2011-06-16 10:20:20,958 INFO    EpoPlugin                            collectProperties: dispatching disk list to AgentHandler

      2011-06-16 10:20:22,723 INFO    EpoPlugin                            enforcePolicy: new policy store created (session 1308208947).

      2011-06-16 10:20:24,301 INFO    EpoPlugin                            enforcePolicy: Waiting for OptIn users before enforcing policy.

      2011-06-16 10:20:24,348 INFO    EpoState                             Setting enforcement state to TRUE

      2011-06-16 10:20:24,348 INFO    EpoPlugin                            enforceUserPolicy: Dispatching enforce policy event.

      2011-06-16 10:20:24,348 INFO    EpoPlugin                            policyHandler: handling EnforcePolicy event

      2011-06-16 10:20:24,364 INFO    EpoPlugin                            userHandler: handling AddLocalDomainUsers event

      2011-06-16 10:20:24,364 INFO    EpoPlugin                            userHandler: handling AddLocalDomainUsers response

      2011-06-16 10:20:24,364 INFO    EpoPlugin                            userHandler: dispatching GetAllUsers event to AgentHandler

      2011-06-16 10:23:25,300 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-06-16 10:23:25,363 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-06-16 10:24:27,331 INFO    EpoPlugin                            collectProperties: dispatching disk list to AgentHandler

      2011-06-16 10:25:31,237 INFO    EpoPlugin                            userHandler: handling GetAllUsers response

      2011-06-16 10:25:31,565 INFO    MfeEpeCoreEncryptionPlugin           --- Activation Begins ---

      2011-06-16 10:25:56,909 INFO    MfeEpeKeyServerService               keyServiceHandler: dispatching DC message (EEADMIN_1000_KSSetMachineKeyCmd, CorrelationID=1308208948).

      2011-06-16 10:25:56,987 INFO    MfeEpeKeyServerService               keyServiceHandler: dispatching DC message (EEADMIN_1000_KSSetMachineRecoveryKeyCmd, CorrelationID=1308208949).

      2011-06-16 10:26:01,034 INFO    MfeEpeKeyServerService               keyServiceHandler: handling ePO response: KSSetMachineKeyAck

      2011-06-16 10:26:01,065 INFO    MfeEpeKeyServerService               keyServiceHandler: handling ePO response: KSSetMachineRecoveryKeyAck

      2011-06-16 10:26:01,174 WARNING MfeEpeCoreEncryptionPlugin           receive_from_service_first_message_of_type(MfeEpeEncryptionServiceClient, class ns1__ESActivateEncryptionAck) wrong message received:

      <?xml version="1.0" encoding="UTF-8"?><MfeEpeMessageList xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"xmlns:SOAP-ENC="http://schemas.xmlsoap .org/soap/encoding/"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns: x sd="http://www.w3.org/2001/XMLSchema"xmlns:ns1=""xsi:type="ns1:MfeEpeMessageLis t "><element xsi:type="ns1:ESActivateEncryptionExc">

        <sendTo xsi:type="ns1:MfeEpeAddress" serviceUUID="5145540F-1BA8-4F52-895D-617839C2869E" serviceName="MfeEpeEncryptionServiceClient"></sendTo>

        <from xsi:type="ns1:MfeEpeAddress" serviceUUID="70e77e64-14e4-467d-8d22-775dc78d7c3b" serviceName="MfeEpeEncryptionService"></from>

        <errorId>-301662202</errorId>

        <message>[0xEE050006] Following exceptions were raised when processing user list&#xA;class EPE_user_incosistent_policy_exception: [0xEE050004] User data is missing [F8F3F93FECF9C9459B210F535A54F0F6]: Code :3993305092</message>

      </element></MfeEpeMessageList>

      2011-06-16 10:26:01,190 WARNING MfeEpeGenEncryptionProviderPlugin    ..\..\..\Src\EpeGenActivationHandler.cpp: EPE_gen_activation_handler::send_activate_exception: 698: [0xEE050006] Following exceptions were raised when processing user list

      class EPE_user_incosistent_policy_exception: [0xEE050004] User data is missing [F8F3F93FECF9C9459B210F535A54F0F6]: Code :3993305092

      2011-06-16 10:26:01,190 ERROR   EpoPlugin                            userHandler: failed to process batched user data response: [0xEE050006] [0xEE050006] Following exceptions were raised when processing user list

      class EPE_user_incosistent_policy_exception: [0xEE050004] User data is missing [F8F3F93FECF9C9459B210F535A54F0F6]: Code :3993305092

      2011-06-16 10:26:01,190 INFO    EpoState                             Setting enforcement state to FALSE

      2011-06-16 10:26:01,237 INFO    EpoPlugin                            userHandler: handling GetAllUsers response

      2011-06-16 10:26:01,237 ERROR   EpoPlugin                            userHandler: failed to process batched user data response: [0xEE000006] No policy store

      2011-06-16 10:26:01,252 INFO    EpoState                             Setting enforcement state to FALSE 

       

      Nachricht geändert durch oltimator on 20.06.11 07:35:00 CDT

       

      Nachricht geändert durch oltimator on 20.06.11 08:27:59 CDT
        • 1. Re: Endpoint Encryption 6.1 - Inactive - User data is missing?
          SCtbe

          How about policy assignment rules? Have you configured them?

          • 2. Re: Endpoint Encryption 6.1 - Inactive - User data is missing?

            Hi SCtbe,

             

            yes, because other machines (in the ame OU for the same encryption users/groups) activate EEPC and encrypt the HD with no problems!

            I wouldn't like to install the machine new, because it's a metrological Device installed and this must be installed by the manufacturer

             

            What i do not understand, the old version of ePO (4.5) and EEPC 6.02 had previosly worked well.

            I have this problem since installed EEPC6.1 under ePO4.6 - but i can't go back to ePO4.5.

             

             

            But strange are these two Error Messages:

            EPE_user_incosistent_policy_exception: [0xEE050004] User data is missing <-- Users are assigned to this machine!!

            userHandler: failed to process batched user data response: [0xEE000006] No policy store <-- Other machines obviously find the policy Store well!!

             

             

            Thanks for your reply and greetings

             

             

            Nachricht geändert durch oltimator on 21.06.11 01:01:38 CDT
            • 3. Re: Endpoint Encryption 6.1 - Inactive - User data is missing?
              whgibbo

              Hi,

              It looks like the machine hasn't received all the user data, for this particular user.  The error message 0xEE050004 should have an ID on on the end of it, this is the user having the problem.

               

              You maybe able to get around this in one of the following ways:

              1. On a different 6.1 client, try logging in as this user (and possibly change the password).  Then ensure that the this machine syncs up with ePO.  Then sync down to the client having the problem.
              2. Remove the user from all machines and re-add it.  I know this is not idea, but will resolve the problem.

               

              Have you raised this with McAfee support, if so do you have a case number ?

              • 4. Re: Endpoint Encryption 6.1 - Inactive - User data is missing?

                Hi whgibbo,

                 

                i have identified the user becuse of its ID.

                 

                ...The error message 0xEE050004 should have an ID on on the end of it, this is the user having the problem...

                First Step: Change Password - Reactivating EEPC. But no success.

                Then added this user to an other machine. The result: Error adding User!

                I can't resync this User with any machine!

                 

                Break, lets Think...

                 

                OK, i erased the User. (in AD)

                Wait 10 minutes for AD Domaincontrollers Sync.

                Recreated it (in AD).

                Wait 10 minutes for AD Domaincontrollers Sync.

                Run EEPC-LDAP-Task in ePO.

                Now adding the User to the descripted machine.

                Run Wake Agent...

                 

                And! Yeahhh! It works! The User in Acrive Directory has a problem. EEPC was guiltless!

                 

                Thanks for the Tip - Problem solved