9 Replies Latest reply on Sep 28, 2011 1:54 AM by nyks.up

    EndPoint MBR Problem (Pre-Boot)

      Hello,

       

      I had a problem on my mbr disk , we are using end point encrption to protect our system , but the problem is endpoint is writing itselft to the mbr and it is creating a pre-boot aut. and i uninstalled the endpoint from the client but the pre-boot aut is still available how can i remove it from the clients computer.Thank you for your help.

        • 1. Re: EndPoint MBR Problem (Pre-Boot)

          nyks.up - EEPC will modify the MBR so that it can enforce pre-boot auth. How did you remove the EEPC client? through ePO? Do you have ePO? If so do you still have the ability to export the recovery information from ePO? Check out the McAfee EETech User Guide. It has varying recovery options as well as the ability to remove the existing Pre-boot partition.

          • 2. Re: EndPoint MBR Problem (Pre-Boot)

            Hello,

             

            We are using ePolicy Orchestrator in order to manage client computers.The problem  is we have too much clients which is encrypted ,so probably you are offering using a wintech recovery cd to remove the pre-boot. but as i mentioned before i am looking for a remote solution to remove the pre-boot.Can i do it with using ePO?Because using a recovery cd is not a solution for me , too much work!Can i describe a policy to remove the pre-boot?

            Thank you for your help.

             


            • 3. Re: EndPoint MBR Problem (Pre-Boot)
              Hemant Koli

              Hello nyks.

               

              Yes, it is possible with ePO. You can configure deployment task to uninstall EE.

              First you need to remove EEPC & then EEAgent.

              This will help you.................If any Issue you can get back

              • 4. Re: EndPoint MBR Problem (Pre-Boot)

                Sorry. Didnt see any reference to Remote Solution in your original post    i dont like your chances. ePO currently only talks to the endpoint once the O/S boots and the agent communicated back to the ePO environment. This may be re-jigged once the intel vPro environment is up and running but I digress. EEPC Pre-boot auth does not communicate directly with ePO so there will be no way to remove this that I know of but it doesnt mean that it doesnt exist... as far as I can tell from the info that you provided you WILL have to use the recovery CD.. unless you can boot that OS to windows.. you should still be able to assign/remove EEPC policy for that node..

                 

                Did you remove the EEPC through ePO or manually. Dont forget there are 2 parts to the EEPC, both of which can be removed using ePO

                • 5. Re: EndPoint MBR Problem (Pre-Boot)

                  Hello again thanks for your attantion.

                  Hemant Koli what do yo mean remove EEPC & EEAgent?

                  This is probably not a solution for me.Because uninstalling the product is not a solution.I testted the following scenerio :

                  • Decryption of the Client
                  • Removing the Agent
                  • Removing The Frame

                   

                  ePO decrypted the machine without any problem,i uninstalled the product perfetcly.But the pre-boot was still active.I am looking for a complate removal by using ePO.Is it impossible?

                  Thank you again.

                  • 6. Re: EndPoint MBR Problem (Pre-Boot)
                    Hemant Koli

                    Hello nyks.up

                     

                    May i know what excatly u r trying to do??.....

                    As in your earlier post you have mentioned that "i am looking for a remote solution to remove the pre-boot.Can i do it with using ePO?"

                    So i have suggested to remove EE with help of ePO.

                    • 7. Re: EndPoint MBR Problem (Pre-Boot)

                      Hello Hemant,

                       

                      As i said before removing ee pc with ePO couldnt remove the pre-boot aut.Try and see it.And can you describe the procedure how you remove an encrypeted machine by using ePO ,maybe i am missing something.Thanks.

                      • 8. Re: EndPoint MBR Problem (Pre-Boot)
                        Hemant Koli

                        Hello nyks.up

                         

                        Thats what i had suggested in my earlier post.

                        1. Create a policy to Inactive(Disselect Enable Policy)/Decrypt(Encrypt: None) & assing to the systems.

                        2. Then create product deployment task for Uninstalling EE(first uninstall EEAdmin & then EEAgent)

                        this steps will remove pre-boot.

                        • 9. Re: EndPoint MBR Problem (Pre-Boot)

                          Thank You for your help.