1 Reply Latest reply on Apr 8, 2015 9:49 AM by jhall2

    Endpoint Encryption Error

    smaled

      Hi guys

       

      I have a user who has Endpoint Encryption on their laptop. Unfortunately we had an issue where all the user names (including the admin account) got removed from the laptops Endpoint Encryption, so we have no way of logging passed the Endpoint Encryption boot window.

       

      I have tried the recovery option on the laptop (Administrator/Smartphone Recovery) entering in the client code provided onto our ePO and then choosing machine recovery and entering the codes provided onto the laptop. This sprung up an error EE110001 The recovery response is not valid.

       

      Any ideas how I can get passed this?

       

      Normally I would just wipe the hard drive and start again, but this user is one of our EXCO members and has said they really can not lose data that is saved on the HD (typical I know)

       

      The product versions ect are below:

       

      Endpoint Encryption Agent: 7.1.0.389

      Endpoint Encryption for PC: 7.1.0.389

      ePO: 5.1.1

      ePO OS: Windows Server 2008 R2 SP1

      Laptop OS: Win7 SP1 64 bit

        • 1. Re: Endpoint Encryption Error
          jhall2

          There are several reasons why users will be removed from machines. The most common are:

           

          1. The machine was deleted either manually, via a server task, or the group was removed. To verify this, review the ePO Audit Log and see if the machine was deleted.

          2. VPN exclusions have not been set (KB52949). This can by verified by looking at the Drive Encryption service log (MfeEpe.log) for the machines LeafNode ID changing and reuploading it's keys to ePO. Search from the bottom of the log for " key " (with spaces on each side of the word).

           

          Because the admin recovery cannot be preformed, it seems more likely that that there is a VPN MAC address issue and KB52949 needs to be applied.

           

          To resolve the issue, you will first want to apply the solution found in KB52949 then boot to DETech Standalone and get the KeyCheck value for the machine. Export the recovery XML and use it to authenticate and emergency boot the system.