Jump to content

Kstainton

ESET Staff
  • Posts

    24
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by Kstainton

  1. Hi @secured2k,

    Here is a KB with some more technical details about what the tool is doing: https://support.eset.com/en/kb7394-technical-details-regarding-eset-endpoint-encryption-and-windows-feature-updates it also explains how you can do this via the WSUS method, providing the relevant Microsoft articles required to do this.

    The problem is that the driver is not available in the Windows installation image. Windows Feature updates contain a .wim image which uses windows RE (Recovery Environment).

    During the update the system boots to this image to perform the upgrade of the OS. This environment does not automatically use any extra drivers.


    What we do to perform the upgrade is use a feature of the setup to “reflect” the drivers through to the installation image:

    • Setup.exe command line switches - This is how the ESET Endpoint Encryption Windows Feature Updater Utility does it
    • SetupConfig.ini - This is supported by Windows Update or WSUS
  2. Hi @secured2k,

    Thank you for getting in touch, here is the KB that you requested regarding the ESET Windows Updater Utility: https://support.eset.com/en/kb7148-manually-install-windows-10-feature-updates-on-a-full-disk-encrypted-fde-system

    The error you are running into is due to the disk not being accessible during the update as it is Encrypted and Windows has not been told to use the Encryption Drivers in order to access the disk, this utility solves that problem by passing the required switches to allow Windows to use the Encryption Drivers and thus be able to access the disk.

    Thanks,

    Kieran 

  3. Hi All,

    I work in the team testing EEE/EFDE's compatibility with Windows 11 and may I just add that although we have not come across any major issues whilst upgrading and testing Encrypted Workstations that everyone take precautionary steps while updating to Windows 11. The last thing we want is any of you to run into issues we have been unable to predict because some systems could behave differently to the ones we have tested, and although we have tested a wide variety I would rather everyone take these precautions where possible to protect their data.

    This could be by taking backups of all important data from systems before doing the update and if having to update a large amount of systems, starting with a few beforehand then move on to doing more.

    Thank you,

    Kieran

  4. On 6/17/2021 at 5:49 PM, datarecovery said:

    Hello Kieran, thank you for answer.

    i'll check and let you know (we are helping our client). Can you point me where should i upload all necessary logs so you guys can try to handle this case?

     

    regards,

    David

    Hi David,

    If you are able to check for me that would be lovely, it will allow us to see if there is anything we can do to work out why the communication broke down :) 

    I would advise you to get in touch with your local ESET Support Centre here: https://www.eset.com/pl/support/contact-support

    Thank you,

    Kieran

  5. Hi @datarecovery,

    I am sorry to hear that your Local Support Centre wasn't able to assist you, may I ask who it was that you got in contact with in an attempt to resolve this issue, was it your Local ESET Supplier or Distributor? I would like to get in contact with them, so may you provide me their details. I'm afraid I cannot assist you with this issue on the forum as issues like this can be quite complex and I would likely need logs and more information from you in order to provide you with the correct resolution for your issue.

    Thank you,

    Kieran

  6. Hi @tmuster2k,

    Would you be able to get in touch with your local ESET Support Centre via the following link: https://www.eset.com/us/about/contact/, unfortunately it looks like something has preventing the Recovery Data from being accessible via the ESET Protect Cloud and we will need someone from the ESET Protect Cloud team to investigate this issue for you and see if they are able to find it on your behalf.

    Thank you,

    Kieran 

  7. Hi @Simon Simon,

    Unfortunately, this is a known issue with Adobe Acrobat Reader DC itself as it elevates itself under the System User Account. This prevents the Encryption Key required to decrypt the PDF file when accessing it being available to Adobe Acrobat Reader DC and therefore it will be denied access. 

    Here is some more context to the issue that occurs with Adobe not having access to the Encryption Keys: https://support.eset.com/en/kb7942-windows-user-context-and-encryption#users - Windows User context and Encryption

    The only workaround that I can suggest for this, is that you copy the PDF file outside of the Encrypted Folder/Encrypted USB, Edit the PDF file and then copy it back into the Encrypted Folder/Encrypted USB.

  8. 12 hours ago, Mr.Gains said:

    Turns out we had to manually clear the TPM on the device, which then we're able to start the encryption. Something I have to note next time I go through the process, but I thought EFDE clear the TPM when taking over?

    I am glad you managed to resolve the issue :D  

    However, I am afraid I can't provide any definitive answers about what could have caused this now it is resolved. As it would all be theoretical at this point, without logging etc. to assist beforehand.

  9. Hi @Mr.Gains,

    Thank you for getting in touch, may I suggest you contact your local ESET Support office via the following link: https://www.eset.com/us/about/contact/ as this will need investigating further, which I cannot provide over our forum due to the complexity behind some of these issues. When getting in touch with your local ESET Support office, could you provide the following logs from your machine: https://support.eset.com/en/kb7123-eset-endpoint-encryption-diagnostics-utility

    Thank you,

    Kieran

  10. Hi @Mauricio Osorio,

    When you FDE a Workstation it will be Encrypted for all of its users even if you add a new Windows user, however, based upon your message I feel you want to understand how to have a new user essentially take over the FDE'd device with the old user no longer being present or able to access the device.

    We actually have an article which should be able to help you move a FDE'd Workstation from an old user to a new user without having to decrypt it at all, please see here: http://support.deslock.com/KB287 - 
    Moving a managed ESET Endpoint Encryption workstation to a new owner

    Thank you,

    Kieran

  11. On 3/25/2021 at 11:13 AM, Lockbits said:

    Hi @Kstainton,

    Thank you. What does it mean that console is in legacy mode? Why this appeared if no change was made?

    We want to upgrade console to latest version. Is it safe considering this issue?

    Hi @Lockbits,

    Yes it is perfectly safe to upgrade to the latest version if your EEE Server is in Legacy Mode you'll only need to remove the ZIP file from the root of the EEE Server directory, the only reason your EEE Server is in Legacy Mode is due to you having previously installed DLPES v2.9.3 or earlier and then since upgraded to a later version.

    Thank you.

    P.S. Apologies for the late reply.

  12. Hi @Lockbits,

    Due to the EEE Server being in what we call "Legacy Mode" if it recognizes a ZIP folder being within the C:\Program Files (x86)\ESET Endpoint Encryption Server or C:\Program Files (x86)\Deslock+ Enterprise Server it will attempt to use it for a Legacy Restoration.

    We do apologize for the confusion this has caused. Hope you have a lovely day.

    Kind Regards,
    Kieran

  13. Hi @Leon Symnz

    Unfortunately we are unable to diagnose this issue via the Forum, therefore would you mind submitting a Support Case via the following link: https://www.eset.com/uk/about/contact/ with all of the details you have provided as well as the following Diagnostic Log: https://support.eset.com/en/kb7123-eset-endpoint-encryption-diagnostics-utility for one or some of the machines affected by this issue.

    Thank you.

    Kieran

  14. Hi @Markwd

    On your ESMC Server host machine you can use the following SQLCMD command to get the Workstation ID for a machine based upon its Computer Name:

    sqlcmd -S localhost\ERASQL -d era_db -Q "SELECT tbl_encryption_recovery_data.device_identifier FROM [era_db].[dbo].[tbl_computers] JOIN tbl_encryption_recovery_data ON tbl_computers.computer_uuid = tbl_encryption_recovery_data.device_uuid WHERE computer_name = 'COMPUTER NAME'"

    I hope this helps you as it will not require any contact with the customer in order to acquire the Workstation ID. Thank you.

  15. Hi Mark,

    I'm afraid this is not possible to do with EFDE, the Workstation ID can only be found on the EFDE Pre-boot login screen and within the EFDE Client via 'Help and Support' -> 'About ESET Full Disk Encryption'.

    May I ask why you need to obtain the Workstation ID remotely through either a Windows script or Commandline utility?

×
×
  • Create New...