McAfee Endpoint Encryption
McAfee Endpoint Encryption Unlocking an Encrypted Laptop
KNOWLEDGEBASE
Intended Audience: This document is intended for System Administrators at Your Company.
Document Ref & Version No: V1.0
Author:
Approved by:
Revision Due Date: 1 year from issue
Issue Date:

Document Control:
Document Title: McAfee Endpoint Encryption Unlocking an Encrypted Laptop
File Name:
Author:
Date: 10/04/2010

Version Control:
Version: 1.0  Reason for Change: Initial Draft  Author/Editor:  Date: 10/04/2010
Version: 1.1  Reason for Change: Final Draft  Author/Editor:  Date:
Purpose
The purpose of this document is to help the System Administrators and other technical staff at your company unlock a laptop encrypted with McAfee Endpoint Encryption.

Overview
McAfee Endpoint Encryption (formerly Safeboot) is a full disk and content encryption product. It is designed to encrypt files and folders on a company laptop to ensure that restricted and sensitive data are protected against unauthorized access. McAfee Endpoint Encryption is particularly useful for helping to safeguard laptops containing sensitive information in the event they are lost or stolen.
In simple terms, the McAfee Endpoint Encryption client takes control of a hard disk away from the operating system. McAfee Endpoint Encryption encrypts data written to the disk, and decrypts data read from the disk. If the hard disk drive is read directly, one would find only encrypted data, even in the Windows swap file and temporary file areas.
Last updated: 7/04/2010 1 of 7 v1.0
Boot-Up/Login
An encrypted laptop upon power-up will display a “pre-boot screen”.
After successfully authenticating to this pre-boot screen, the user's laptop will continue booting as normal. Since passwords have been synchronized, the Windows password will be automatically entered into the Windows logon window and the user will go straight to their desktop.

Incorrect logon message (Error 0xe0010002)
If the user enters the wrong credentials at the pre-boot screen, they will get an error message stating "Authentication parameters incorrect".

Locked account message (Error 0xe0010005)
If the user enters their password incorrectly a number of times, their ID will be disabled and they will see the "Token is invalidated" screen. The helpdesk must then perform a User recovery.

Incorrect username (Error 0xe0010020)
If the user enters an incorrect username, they receive an "unknown user name" message and the helpdesk must perform a Machine recovery.
Password Recovery
User calls the Helpdesk
1. Ask the user to select Cancel to remove the login dialog box.
2. Then select the Options link at the bottom left of the screen and select Recovery from the available options.
Locked account (Error 0xe0010005) / Incorrect logon (Error 0xe0010002)
3. Select User recovery. The user types in their username and clicks Next.
Incorrect username (Error 0xe0010020)
4. Ensure the username you are using is correct. Select Machine recovery and click Next.
Recovery screen laptop
5. The laptop displays a 16-character Client code string (challenge).
6. RDP onto the Safeboot server.
Go to > Safeboot Administration
McAfee Endpoint Encryption Manager opens.
Go to Recovery > Perform recovery
Challenge Code screen
7. Ask the user to read out the client code on the laptop to the helpdesk and select Next.
8. The helpdesk enters the client code (challenge code) onto the server and clicks Next.
Information screen
9. McAfee then locates the machine or user to unlock. Click Next.
Recovery Options screen
10. For a User recovery, in User options select "Reset the user's password" and click Next.
11. For a Machine recovery, in Machine options select "Boot the machine once" and click Next.
Recovery Code screen
The helpdesk reads back to the user a 17-character (response) code that the user enters into "Line1" on the Laptop Recovery screen.
Note: For a disabled user this will be a 25-character code.
Laptop Recovery screen
12. The user types the response code into Line 1 and selects Enter and then Finish.
There may be several strings of characters to enter, depending on your configuration.
NOTE: A response code never contains the letters Z, I, O or L.
13. If the user enters the code incorrectly, they will receive the following message:
"The response code you have entered is not valid. Please check your entry and try again"
If they see this screen, click the OK button to go back and re-enter the characters.
14. When the user successfully enters the response characters, they will be prompted for a new password:
"Your password is the default and must now be changed"
If necessary, reset the user's AD password.
This password must be at least 8 characters in length.
15. When the user enters a new password correctly, they will get the confirmation:
"The recovery operation was successfully completed"
16. Select OK. The user will be placed back into the pre-boot screen. Select Password Only Token.
17. The user can enter their username and new password, and select OK. They will then be booted into Windows as normal.