0 Replies Latest reply on Aug 7, 2014 5:57 PM by mcharris123

    Question about an ePO migration and encryption

    mcharris123

      The time has come to update our ePO from 4.6.7 to the latest and greatest. I am using this as an opportunity to update both the server OS and the separate database to the latest version I can (the old ePO server is running on Server 2003). This is a pretty straight forward proposition and I now have ePO 5.1 system up and running and am able to migrate systems between the old 4.6.7 environment and the new 5.1 environment. However, there is one major issue - encryption. We run Endpoint Encryption on around 300 laptops and the encryption keys do not migrate to the new environment. Once a laptop has been moved to ePO 5.1 I can no longer authenticate during the pre-boot. Help!

       

      KB79283 does clearly say:

       

      IMPORTANT:

      • Do not transfer an encrypted client between servers as encryption keys are not moved from one server to the other. Doing so will disassociate the client from its keys, resulting in users being locked out.

       

      However it doesn't supply a work-around (luckily I saw this before attempting to move any systems. I verified the statement is true by migrating a test laptop and sure enough I was locked out). I find it hard to believe that there isn't a way to accomplish this without completely decrypting all of our laptops. Can anyone provide any guidance?