Endpoint Encryption

 View Only

  • 1.  Hot to decrypt HD with SEE-FD serverless

    Posted Jan 13, 2015 05:16 PM

    Hi Guys,

     

    As much as I searched I can not find how to decrypt a disk (two partitions) that was encrypted with SEE-FD serverless.

    Someone could tell me how to do that..? SEE version is 11.0 (Build 7726)

    thank you very much.

     



  • 2.  RE: Hot to decrypt HD with SEE-FD serverless
    Best Answer

    Posted Jan 13, 2015 05:30 PM

    You can do it through the command line.  The documentation for the admin command line guide is here:
    http://www.symantec.com/docs/DOC7716

    The command you would want is:
    eedAdminCli --decrypt --disk <number> --au <AdminUserName> --ap <AdminPassword>

    It is on page 28 of the guide.  Let me know if you need anything else.

     



  • 3.  RE: Hot to decrypt HD with SEE-FD serverless

    Posted Jan 14, 2015 10:05 AM

    Thanks Mike.

    Two questions:

    FIRST:

    Is possible decrypt a partion only, for example partition 3. ?

    For my case this is the exit for eeAdminCli --status:

    Disk 0 is instrumented by Drive Encryption.
    Disk UUID: e3ee1c21-dcb7-4830-a402-dd69ec6eec1b
      Encryption process complete.
      Current key is valid.
      Current disk block mode is 3
    Volume Status - 7
    Volume C:\ on partition 2 : Encrypted.
      Total sectors: 209715200 highwatermark: 209715200
      Cipher Algorithm used: AES256
    Volume Status - 7
    Volume E:\ on partition 3 : Encrypted.
      Total sectors: 412348416 highwatermark: 412348416
      Cipher Algorithm used: AES256
    Request sent to Disk status was successful

    SECOND:

    I had enabled DESR (could verify this when the PC reboot) but appears FALSE. There is a way to enable it by CLI..?

    Disk information for disk 0.
      Model Number: Hitachi HTS725032A9A360
      Total number of sectors on disk:625137664
      Disk UUID: e3ee1c21-dcb7-4830-a402-dd69ec6eec1b
      OTP Used:  False, DESR Used:  False
    Request sent to Display disk information was successful

    Regards.

     

     



  • 4.  RE: Hot to decrypt HD with SEE-FD serverless

    Posted Jan 15, 2015 12:21 PM

    SEE Drive Encryption only operates on the disk level, and does not encrypt individual partitions.



  • 5.  RE: Hot to decrypt HD with SEE-FD serverless

    Posted Jan 15, 2015 01:12 PM

    Understood Mike,

    There is a way to enable DESR by CLI..? I had enabled it but appears FALSE.  This is the reason that led me to decrypt the disk again.

    Thanks.



  • 6.  RE: Hot to decrypt HD with SEE-FD serverless

    Posted Jan 16, 2015 02:10 AM

    Hello There,  

    If you haven’t decrypted already, You could try --unregister-user and again –register-user command line options on this disk, which will help you re-configured DESR answers again.