1 Reply Latest reply on Oct 21, 2016 9:38 AM by SafeBoot

    Password recovery on DE 7.1.3 does not update AD

    christianmdu

      We have McAfee Disk Encryption DE 7.1.3 configured with single sign-on.

      If a user forgets their password at the McAfee pre-boot screen they can perform a self Recovery using a series of Questions and Answers they set up some time ago.

       

      Assuming the user remembers the answers to their questions, they are able to reset their password. They then log into McAfee with that new password, which signs them into Windows automatically via the SSO feature - great!

      McAfee has not updated the user's password in Active Directory. When the user locks their computer, and comes to unlock it, they enter in their new password (changed with McAfee earlier on in the day) it is invalid.

      Windows only knows of their old password.

       

      The user is stuck, unless the user reboots their computer, signs into McAfee and allow McAfee sign them on.

       

      Is there any way to configure DE to update AD when a password is changed?

        • 1. Re: Password recovery on DE 7.1.3 does not update AD

          EEPC has never changed or updated Windows passwords - it's the other way around. It detects Windows password changes and updates the EEPC password.

           

          Your company probably already has a process for resetting forgotten Windows passwords - you simply need to integrate that into your users behaviour, and they need to understand that the pre-boot password may be the same as the Windows password, but that's just for convenience and in fact the two passwords are very separate.