Endpoint Encryption

 View Only

  • 1.  Preboot auth window not showing

    Posted Dec 29, 2014 07:33 PM

    Encrypted computer in serverless mode on boot shows a white screen for 2 seconds then continues to windows login?  Running Endpoint Encryption v11

    Sorry I'm new to this.



  • 2.  RE: Preboot auth window not showing
    Best Answer

    Posted Jan 19, 2015 08:23 AM

    In general if the disk was encrypted, then you should be getting a pre-boot authentication window screen where you have to authenticate to access the encrypted disk.  If it is not happening, then I guess your disk may not be encrypted. You may want to use a Command Line tool to check the disk status.

    eedAdminCli -–status -–disk <number>

    If you want to get more information about the Command Line, please check the command line guide. Here is the link: http://www.symantec.com/docs/DOC7716

    Additionally, I would not recommend using SEE standalone installation because SEE is designed to be used in a completely managed environment. If you want to encrypt the disk on a standalone machine, then I would recommend using a Symantec Encryption Desktop product.  You will find this discussion in the following link:

    https://www-secure.symantec.com/connect/forums/see-110-serverless-installation

    Hope it helps.



  • 3.  RE: Preboot auth window not showing

    Posted Jan 19, 2015 10:19 AM

    There have been several issues reported where this behavior takes place.  There are a couple things that might be a problem off the top of my head:

    1.  Is the system running Windows 8 or 8.1?  If so, are you using a microsoft live account to log in to Windows?  This will cause the software to fail when registering a user account, so when pre-boot authentication should be happening, it sees that the drive is encrypted but there are no valid users, so it can log straight through to the Windows login.  This occurs in part because the system is expecting a domain user in a managed environment.

    2.  What type of hard drive do you have?  Hybrid drives often present this problem, and it may be due to the system trying to read the user access list from the SSD part of the drive, and failing to locate it, then not properly checking the rest of the drive.  It also may be caused by the system only accessing the SSD part of the drive when trying to automatically create the user account, which then fails to add the user appropriately.  So far we have been unable to get much information regarding this issue, as some hybrid drives work appropriately, and others do not.  In some cases, adding the user account through the command line can fix this issue.

    In either case, I would suggest decrypting using the client administrator account in the command line, and getting Symantec Encryption Desktop 10.3.2 mp6 instead.  The command line guide can be found here:
    http://www.symantec.com/docs/DOC7716

    The command you want should look something like this:
    eedAdminCli --decrypt --disk <number> --au <AdminUserName> --ap <AdminPassword>

    For example:
    eedAdminCli --decrypt --disk 0 --au ClientAdmin --ap Password