2 Replies Latest reply on Sep 25, 2014 4:04 PM by l3370

    Ctrl Alt Delete to login missing

    l3370

      Our endpoint systems are configured to have "Ctrl Alt Del" to login. After OPAL encrypting these devices, the Ctr Alt Del prompt goes away. Anyone see this condition before?

       

      We are using ePO 5.1, DE 5.1 on Windows 7 endpoints.  Prior to OPAL encryption, the group policy and reg keys are all configured to display the Ctr Alt Del message. Imeediately after OPAL encryption, this condition changes.

       

      the following reg key is modified

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\dis ablecad = 1

       

      Interestingly enough, i can manually change this value back to zero, and it immediately changes back to 1.  I have tried this on OEM devices not joined to the domain and to validate AD group policies are not interfering.  My ePO policies look solid, I don't see anything configured that would remove ctrl alt del... is there an epo setting that could do this?

        • 1. Re: Ctrl Alt Delete to login missing
          securitasis

          We're getting ready to upgrade to DE 7.1.1, have the same GPO enforcement and OPAL drives. So I am curious to know the answer to this also. Thanks.

          • 2. Re: Ctrl Alt Delete to login missing
            l3370

            I have found the cause and fix.

             

            Its the Product settings for the Drive Encryption policy...  Look for the "Log On" tab then look at "Enable SSO." Toggling this off will bring back the Ctrl Alt Del prompt. We are using Reactive Autoboot, so it's less important for us-- For PBA users, i guess it's just a matter of knowing and expecting this will happen. Might as well discard the GPO because it will be useless after enabling SSO.

             

            What annoyed me was I had been on a month long quest to figure this out and tier 1 and 2 support seemed baffled by it-- and had me chasing non problematic group policies and installing patches and drivers one by one on OEM images. Seems like a pretty straight forward config to understand.@