5 Replies Latest reply on Feb 6, 2012 10:08 AM by SafeBoot

    EEP vs Advanced Format disk

      Hi everyone,

       

      last week I noticed some problems with disk encryption. I've some new disks for test:

       

      Seagate 500GB AF (AHCI mode)

       

      I've installed Windows XP SP3 on the client machine and encrypted disk with EEP 5.1.8.  During the tests I noticed that I can't decrypt the disk using WinTech. I autorise from SBS and run Crypt state / next time I used Force crypt. The process end with infromation that operation finish succesfully. But when I try run the OS, I got the information: "SafeBoot has been corrupted (error 92h)".

       

      When I reinstall the system and choose Remove from SB server, disk decrypt succesfully and I can't use.... Can anybody help me?

       

      BR

       

      Rafał

        • 1. Re: EEP vs Advanced Format disk
          Hayton

          If you're using SafeBoot then you must be using the Enterprise installation not the Consumer one, is that correct? If so this properly belongs in a different section.

          • 2. Re: EEP vs Advanced Format disk
            Hayton

            It must be Enterprise, I've just seen a very similar post in

            McAfee Communities / Business / Data Protection / Encryption: EEM Managed / Discussions.

             

            I've moved this question there from Consumer Home and Home office.

            • 3. Re: EEP vs Advanced Format disk

              What options did you use in WinTech - can you remember exactly what you did? The steps you outline were never going to work on any drive unfortunately.

               

              First, why are you using Force Crypt? That's an option you should NEVER be using if the disk information is good.

               

              Second, decrypting the drive does not remove the pre-boot code, it just decrypts the drive - if you did a forced decrypt over the whole range of sectors, you would have mistakenly decrypted the pre-boot environment code (which was not encrypted in the first place), thus your 92H error on the next boot.

               

              So, you could use force decrypt, then flush the mbr (restore original MBR), but it would be MUCH safer to use the basic "REMOVE" option, or at least the safe crypt options which update the disk information as they go.

               

              Force is neither recoverable in the event of an error/power outage, or safe, AND it will destroy the disk information, so only use it if you need to.

               

              Message was edited by: SafeBoot on 2/6/12 8:11:46 AM EST
              1 of 1 people found this helpful
              • 4. Re: EEP vs Advanced Format disk

                Ok, thx for your answer.

                 

                Steps that I've done:

                1. Export machine configuration file (test.sdb)

                2. Copy the file to the pendrive

                3. Run WinTech on the test machine (Windows XP SP3)

                4. I've entered Authorisation Code and after that Authenticated from test.sdb file

                5. Next I've chosen Get disk information to get Partition Start Sector and Partition Sector Count

                6. I used Force Crypt -> Decrypt option....

                 

                Why?

                 

                I know that using Force Crypt option is not safe but I must try this option. Last year I had 5-6 client machine with disk error and Force Crypt was the only option that I can remove SB. The next step was data recovery.

                So if I understand correctly:

                https://kc.mcafee.com/corporate/index?page=content&id=KB71582&cat=CORP_ENDPOINT_ ENCRYPTION_FOR_PC_5_2_6_&actp=LIST

                 

                if I'll have a disk error on Advanced Format in the future, I'll be able to use Force Crypt if the disk information will be corrupted?

                 

                Before I do anything with client disk I allways used to make an image of the disk. So it's ok for me- I use a copy

                 

                BR

                 

                Rafał

                • 5. Re: EEP vs Advanced Format disk

                  It's corrupted because you used force crypt, not because it's advanced format.

                   

                  if the disk information works, there's NO reason to use force crypt ever. It's only use is if the disk information is not valid.

                   

                  So, flush the MBR back, as long as you did everything correct the machine will boot fine - the error you have at the moment is because you decrypted the drive, but still have an encryption MBR there.

                   

                  And again, just to be clear - never use force crypt if the disk information is good.