0 Replies Latest reply on Aug 10, 2011 11:26 AM by KDelande

    "Failed to backup keys" with EE6.1.1.275

      My setup:

       

      EPO 4.6.0 Build 1029 (RTW) [Upgraded from EPO 4.0 Patch 7

      McAfee Agent 4.6.0.1694

      Endpoint Encryption 6.1.1.275

      Lenovo ThinkPad T520

      No other McAfee products installed on this client

       

      I am working on establishing my first encrypted laptop as part of a POC trial.  I have all the EE software and extensions loaded up and verified.  I have policies configured and assigned to the group my test laptop is in.  I have done an initial EE LDAP sync against my AD domain and have added a user assigned to this laptop.  Test laptop has McAfee Agent 4.6 and I have pushed, at separate times, EE Agent followed by EE PC Software and the required reboot.  Laptop has firewall disabled. 

       

      I am having a problem where the encryption seems to fail to activate due the laptop being unable to send the encryption keys to the EPO server:

       

      2011-08-10 08:02:13,642 INFO    MfeEpeCoreEncryptionPlugin           --- Activation Begins ---

      2011-08-10 08:02:20,428 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:02:20,443 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:02:24,609 INFO    MfeEpeKeyServerService               keyServiceHandler: dispatching DC message (EEADMIN_1000_KSSetMachineKeyCmd, CorrelationID=1312926259).

      2011-08-10 08:02:24,624 INFO    MfeEpeKeyServerService               keyServiceHandler: dispatching DC message (EEADMIN_1000_KSSetMachineRecoveryKeyCmd, CorrelationID=1312926260).   [NOTE: I never see the 2 messages that should come after this from EPO acknowleding receipt of the keys]

      2011-08-10 08:07:35,563 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:07:35,579 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:12:50,715 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:12:50,730 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:18:05,866 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:18:05,881 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:23:21,017 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:23:21,033 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:28:36,184 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:28:36,199 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:33:51,319 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:33:51,335 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:39:06,471 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:39:06,486 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:44:21,622 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:44:21,637 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:49:36,773 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:49:36,789 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:52:05,613 INFO    EpoPlugin                            collectProperties: dispatching disk list to AgentHandler

      2011-08-10 08:54:51,924 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 08:54:51,940 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 09:00:07,091 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 09:00:07,107 INFO    EpoPlugin                            enforcePolicy: Policy Enforcement already in progress, skipping.

      2011-08-10 09:02:24,605 ERROR   MfeEpeGenEncryptionProviderPlugin    ..\..\..\Src\EpeGenActivationHandler.cpp: EPE_gen_activation_handler::backup_keys: 651: [0xEE000004] Wait timed out

      2011-08-10 09:02:24,605 ERROR   MfeEpeGenEncryptionProviderPlugin    ..\..\..\Src\EpeGenActivationHandler.cpp: EPE_gen_activation_handler::backup_keys: 662: Failed to backup keys

      2011-08-10 09:02:24,605 WARNING MfeEpeGenEncryptionProviderPlugin    ..\..\..\Src\EpeGenActivationHandler.cpp: EPE_gen_activation_handler::send_activate_exception: 705: Failed to backup keys

      2011-08-10 09:02:24,605 WARNING MfeEpeCoreEncryptionPlugin           receive_from_service_first_message_of_type(MfeEpeEncryptionServiceClient, class ns1__ESActivateEncryptionAck) wrong message received:

      <?xml version="1.0" encoding="UTF-8"?><MfeEpeMessageList xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"xmlns:SOAP-ENC="http://schemas.xmlsoap .org/soap/encoding/"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:x sd="http://www.w3.org/2001/XMLSchema"xmlns:ns1=""xsi:type="ns1:MfeEpeMessageList "><element xsi:type="ns1:ESActivateEncryptionExc">

        <sendTo xsi:type="ns1:MfeEpeAddress" serviceUUID="5145540F-1BA8-4F52-895D-617839C2869E" serviceName="MfeEpeEncryptionServiceClient"></sendTo>

        <from xsi:type="ns1:MfeEpeAddress" serviceUUID="70e77e64-14e4-467d-8d22-775dc78d7c3b" serviceName="MfeEpeEncryptionService"></from>

        <errorId>-301924350</errorId>

        <message>Failed to backup keys</message>

      </element></MfeEpeMessageList>

      2011-08-10 09:02:24,605 ERROR   EpoPlugin                            userHandler: failed to process batched user data response: [0xEE010002] Failed to backup keys

      2011-08-10 09:02:24,605 INFO    EpoState                             Setting enforcement state to FALSE

      2011-08-10 09:05:22,226 INFO    EpoPlugin                            enforcePolicy: new policy store created (session 1312926261).

      2011-08-10 09:05:22,460 INFO    EpoPlugin                            enforcePolicy: Waiting for OptIn users before enforcing policy.

      2011-08-10 09:05:22,460 INFO    EpoState                             Setting enforcement state to TRUE

      2011-08-10 09:05:22,460 INFO    EpoPlugin                            enforceUserPolicy: Dispatching enforce policy event.

      2011-08-10 09:05:22,476 INFO    EpoPlugin                            policyHandler: handling EnforcePolicy event

      2011-08-10 09:05:22,476 INFO    EpoPlugin                            userHandler: handling AddLocalDomainUsers event

      2011-08-10 09:05:22,476 INFO    EpoPlugin                            userHandler: handling AddLocalDomainUsers response

      2011-08-10 09:05:22,476 INFO    EpoPlugin                            userHandler: dispatching GetAllUsers event to AgentHandler

      2011-08-10 09:07:13,501 INFO    EpoPlugin                            userHandler: handling GetAllUsers response

      2011-08-10 09:07:13,532 INFO    MfeEpeCoreEncryptionPlugin           --- Activation Begins ---

       

      Also, right around the same time, the McAfee Agent throws an "Agent failed to communicate with EPO Server" error which I imagine is related but all other times, EPO communication is fine and I get no errors.  They only seem to crop up when the EE agent is trying to send the keys up.  And I know encryption won't proceed until the keys are verified as backed up for protection against encrypting without means for recovery.

       

      I couldn't find anything via Google on a cause for failing to backup the keys.  There is no corresponding error on the EPO side in the orion.log file. 

       

      Any ideas?

       

      ADDITIONAL NOTE OF RELEVANCE:  The EPO server in question is NATed from the outside.  The Agents are given a public IP so it can be reached outside of the corporate network but that address is then in turn NATed into an internal IP that the EPO server is acutally bound to.  I'm seeing some other messages about problems with data channel communication with this kind of a setup so that seems the likely suspect but I don't see any info on how to correct.  Also, we are not currently using Agent Handlers as we were recently on 4.0 where I don't beleive those existed.

       

      Message was edited by: KDelande on 8/10/11 11:26:29 AM GMT-05:00