1 Reply Latest reply on Apr 18, 2017 11:36 AM by nborson

    Error EE0800006 Smart card reader not present in pre-boot authentication

    nborson

      I have a vexing problem with Endpoint Encryption on one of our laptops. Our agency requires use of two-factor authentication for logging on, using personal identity verification cards ("PIV cards," HSPD-12 cards," "smart cards"). PIV card logon repeatably fails for pre-boot authentication on this system.

       

      • System description: Dell Latitude E6540, Windows 7 Enterprise 64-bit, external USB smart card readers (Omnikey 3121, Identive SCR3500), ePO agent 5.0.2.132, Drive Encryption Agent and Drive Encryption: Windows, both ver 7.2.0.456
      • Problem: No smart card reader at pre-boot authentication after system re-start.
      • Steps to repeat problem:
        1. Re-start Windows with or without AC power connected, or shut down Windows and then start computer while AC power is connected. External smartcard reader is plugged in (this laptop has no internal smart card reader). Smart card is inserted in the reader.
        2. Pre-boot authentication screen appears with prompt to enter user name.
        3. Click "Poll Card" button. Error dialog box appears with title McAfee Drive Encyryption (FIPS) and this message: "Error EE0800006 Smart card reader not present."
      • Work-around 1:
        1. Shut down or (if at pre-boot screen) turn off system.
        2. If AC power is connected, unplug AC power cord and either plug it back in, or leave unplugged and run on battery.
        3. Start system and MEE detects the smart card reader until the next time the system restarts.
      • Work-around 2:
        1. Turn off system. Turn on system. In this work-around, it doesn't matter whether AC power is plugged in.
        2. Press F12 at Dell screen to launch boot menu.
        3. Select BIOS Setup.
        4. Click the Exit button.
        5. System reboots and MEE detects the smart card reader until next re-start.
      • What I have tried and observed
        • System's user reports this problem has gotten gradually worse over time, but I have no statistics. At this point (laptop turned in to help desk), problem is consistent and repeatable.
        • Identical system laptop purchased at same time and set up in same way does not exhibit this problem.
          • Swapping hard drives between these two systems causes the problem to follow the HDD, not the system, suggesting the problem is software-related.
          • Both systems were originally set up the same way, manual clean install from Windows 7 enterprise DVD.
          • Using same power supply and external PIV card reader.
          • Both systems have installed products Drive Encryption Agent and Drive Encryption: Windows, both ver 7.2.0.456.
          • Agent version differs. Working system has agent 4.8.0.1995, problem system has 5.0.2.132.
          • Good system has installed products that are not on problem system: ePO Deep Command Detection Plugin 2.1.0.377, Drive Encryption Go 7.0.3.413, Product Coverage Reports 4.8.0.1995.
        • I re-installed Windows on problem system using enterprise Windows 7 system image, and installed latest DAR. Problem continues.
        • Upgraded problem system to latest BIOS version, no change.
        • Chkdsk c: /r (after installation of MEE) made routine file system repairs ("cleaning up 404 unused index entries," "discovered free space marked as allocated," "0 bad clusters"), but did not solve the problem.
        • Dell built-in diagnostics find no problems on either of these identical laptops, using thorough test mode for HDD.
        • Tried another card reader. Both card readers used with this system work fine in Windows, with the work-around, and on other PCs.
        • Tried each of the laptop's four USB ports with same result.

       

      Any suggestions would be most welcome!