6 Replies Latest reply on Aug 19, 2015 2:00 PM by Troja

    EEPC Policy Enforcement Failed

    srikanth08

      Hi,

       

      In one of the Dell E5450 new Windows 8.1 laptop, when we deploy EEPC it is showing the encryption agent status as inactive always. and local users are unable to add in the eepc. Please help.

       

      Regards,

      S.Srikanth

        • 1. Re: EEPC Policy Enforcement Failed
          catdaddy

          Moved to Encryption: EEM Managed > Discussions for better assistance.

          If needed to be moved elsewhere, please apprise

           

          Cliff

          Moderator

          • 2. Re: EEPC Policy Enforcement Failed
            Sathish L

            EEPC 7.0.x versions are not compatible with windows 8.1, please refer the following KB article KB76804

             

            Mfeepe.log records the following error message:

             

            ERROR   EpoPlugin                        userHandler: failing policy enforcement: a logged on domain user is required for activation.

             

            Local users are not supported with EEPC, However, you can use the "user directory"  management console to manage standalone users on the ePO console after upgrading to drive encryption 7.1.x.

            • 3. Re: EEPC Policy Enforcement Failed
              srikanth08

              Hi,

              we are using EEPC 7.1.0.389 not the old version. so far we can able to deploy EEPC and is working fine. suddenly we are getting the mentioned error.

              they are not local users they are domain users only. up to now this also automatically added to the user machine from one week onwards not able to add.

               

              Regards,

              S.Srikanth

              • 4. Re: EEPC Policy Enforcement Failed
                srikanth08

                Dear All,

                 

                Awaiting Reply.

                • 5. Re: EEPC Policy Enforcement Failed
                  Sathish L

                  Please test the LDAP connection in the registered server and see it's connecting successfully with the active directory.

                  • 6. Re: EEPC Policy Enforcement Failed
                    Troja

                    Hi @srikanth,

                    Drive Encryption 7.1.x should be fine with Windows 8.1. But there can be several problems why Preboot does not work.

                    - Agent or Policy problems.

                    - Problems with the Data Channel.

                    - LDAP Problems or sync problems e.g. if the FQDN of the user changes. Take a look at the logs on EPO is the synchronization works.

                    - A conflict with another security software installed

                    - Are you using Drive Encryption GO? If yes, how are the policy settings...

                    - We have you check what program versions are in place (Agent, Drive Encryption Agent, Drive Encryption SW and so on)

                    - What is the extension version?

                    - Have you checked the EPO Server logs for any errors?


                    As mentioned above, you cannot add local users. Local domain users means any local stored domain profile (username) is synced to Preboot and the username is available.

                    - You can try to enable "Data Base Mirroring".

                    - Have you tested to add users from the "User directory"?

                     

                     

                    The infos in the logfile is showing a problem with adding users to Preboot. Based on this information it is not possible to figure out why the users cannot be added, sorry.

                    To figure you have to check anything described above.

                     

                    I think it is useful to rise a ticket at McAfee support and adding a MER result. So the McAfee technician is able to take a deeper look into the problem

                    Cheers