1 Reply Latest reply on Nov 20, 2013 8:16 AM by SafeBoot

    Endpoint Encryption - Windows 7 task sequence - Remove EE MBR without changing Partition Table


      Hi there


      Hoping for a solution to an issue I have with rebuilding Windows 7 machines encrypted with EE 7.0.1.


      Here is my scenario:


      >SCCM 2012\Windows 7 task sequence

      >creates 2 partitions - partition 1 (C: drive, for OS image and apps) and partition 2 (D: drive, for user data, some of it redirected)

      >both partitions encrypted by EE 7.0.1


      What I need is to create a 'rebuild' task sequence which formats C: and installs Windows 7/apps, but which DOESN'T touch D: or any of the data stored upon it.


      I understand that EE writes to the MBR (to boot into EE before Windows) and this is where the challenge lies.


      As part of the task sequence I need to strip out the EE element in the MBR WITHOUT changing in any way the partition table.


      I'm testing this just now and sure enough, though the task sequence will format C: and apply theOS image and drivers, after the first reboot I get a black screen with 'EEPC has been corrupted'.


      Presumably this is because the EE-altered MBR thinks C: should stll be encrypted.


      Using bootsect I can reset the MBR and boot into Windows 7, the task sequence completes BUT the D: drive (though still) there has been wiped.


      So what I am looking for is a McAfee tool or script which I can incorporate into a task sequence which will cleanly remove the EE element of the MBR without doing anything else.


      I don't doubt there are McAfee tools/scripts which can achieve this, but it is crucial that the partition table must not be touched otherwise I lose the user data.


      I'd be grateful if someone could advise me on what McAfee tools/scripts to look at.


      Best regards