HP Dc5700 HP ProtectTools Security Manager Guide - Page 33

Embedded Security for ProtectTools, Error Applying, Attributes

Get HP Dc5700 - Compaq Business Desktop PDF manuals and user guides
UPC - 882780819535
View all HP Dc5700 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Embedded Security for ProtectTools Short description Details Solution Encrypting folders, sub folders, and files on PSD causes error message. If the user copies files and folders to the PSD and tries to encrypt folders/files or folders/subfolders, the Error Applying Attributes message appears. The user can encrypt the same files on the C:\ drive on an extra installed hard drive. This is as designed. Moving files/folders to the PSD automatically encrypts them. There is no need to "double-encrypt" the files/ folders. Attempting to double-encrypt them using on the PSD using EFS will produce this error message. Cannot Take Ownership With Another OS In MultiBoot Platform. If a drive is set up for multiple OS boot, ownership can only be taken with the platform initialization wizard in one operating system. This is as designed, for security reasons. Unauthorized administrator can view, delete, rename, or move the contents of encrypted EFS folders. Encrypting a folder does not stop an unauthorized user with administrative rights to view, delete, or move contents of the folder. This is as designed. It is a feature of EFS, not the Embedded Security TPM. Embedded Security uses Microsoft EFS software, and EFS preserves file/folder access rights for all administrators. Encrypted folders with EFS in Windows 2000 are not shown highlighted in green. Encrypted folders with EFS are highlighted in green in Windows XP, but not in Windows 2000. This is as designed. It is a feature of EFS that it does not highlight encrypted folders in Windows 2000, but it does in Windows XP. This is true whether or not an Embedded Security TPM is installed. EFS does not require a password to view encrypted files in Windows 2000. If a user sets up the Embedded Security, logs on as an administrator, then logs off and back on as the administrator, the user can subsequently see files/folders in Windows 2000 without a password. This occurs only in the first administrator account on Windows 2000. If a secondary administrator account is being logged into, this does not occur. This is as designed. It is a feature of EFS in Windows 2000. EFS in Windows XP, by default, will not let the user open files/folders without a password. Software should not be installed on a restore with FAT32 partition. If the user attempts to restore the hard drive using FAT32, there will be no encrypt options for any files/folders using EFS. This is as designed. Microsoft EFS is supported only on NTFS and will not function on FAT32. This is a feature of Microsoft's EFS and is not related to HP ProtectTools software. Windows 2000 User can share to the network any PSD with the hidden ($) share. Windows 2000 User can share to the network any PSD with the hidden ($) share. The hidden share can be accessed over the network using the hidden ($) share. The PSD is not normally shared on the network, but it can be through the hidden ($) share in Windows 2000 only. HP recommends always having the built-in Administrator account password-protected. User is able to encrypt or delete the recovery archive XML file. By design, the ACLs for this folder is not set; therefore, a user can inadvertently or purposely encrypt or delete the file, making it inaccessible. Once this file has been encrypted or deleted, no one can use the TPM software. This is as designed. Users have access rights to an emergency archive in order to save/update their Basic User Key backup copy. Customers should adopt a 'best practices' security approach and instruct users never to encrypt or delete the recovery archive files. HP ProtectTools Embedded Security EFS interaction with Symantec Antivirus or Norton Antivirus produces longer Encrypted files interfere with Symantec Antivirus or Norton Antivirus 2005 virus scan. During the scan process, the Basic User password prompt asks the user for a password every 10 files or so. If the To reduce the time required to scan HP ProtectTools Embedded Security EFS files, the user can either enter the encryption password before scanning or decrypt before scanning. ENWW Embedded Security for ProtectTools 27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
Embedded Security for ProtectTools
Short description
Details
Solution
Encrypting folders, sub
folders, and files on PSD
causes error message.
If the user copies files and folders to the
PSD and tries to encrypt folders/files or
folders/subfolders, the
Error Applying
Attributes
message appears. The user
can encrypt the same files on the C:\
drive on an extra installed hard drive.
This is as designed.
Moving files/folders to the PSD automatically encrypts
them. There is no need to “double-encrypt” the files/
folders. Attempting to double-encrypt them using on the
PSD using EFS will produce this error message.
Cannot Take Ownership
With Another OS In
MultiBoot Platform.
If a drive is set up for multiple OS boot,
ownership can only be taken with the
platform initialization wizard in one
operating system.
This is as designed, for security reasons.
Unauthorized
administrator can view,
delete, rename, or move
the contents of encrypted
EFS folders.
Encrypting a folder does not stop an
unauthorized user with administrative
rights to view, delete, or move contents
of the folder.
This is as designed.
It is a feature of EFS, not the Embedded Security TPM.
Embedded Security uses Microsoft EFS software, and
EFS preserves file/folder access rights for all
administrators.
Encrypted folders with
EFS in Windows 2000 are
not shown highlighted in
green.
Encrypted folders with EFS are
highlighted in green in Windows XP, but
not in Windows 2000.
This is as designed.
It is a feature of EFS that it does not highlight encrypted
folders in Windows 2000, but it does in Windows XP.
This is true whether or not an Embedded Security TPM
is installed.
EFS does not require a
password to view
encrypted files in
Windows 2000.
If a user sets up the Embedded Security,
logs on as an administrator, then logs off
and back on as the administrator, the
user can subsequently see files/folders
in Windows 2000 without a password.
This occurs only in the first administrator
account on Windows 2000. If a
secondary administrator account is
being logged into, this does not occur.
This is as designed.
It is a feature of EFS in Windows 2000. EFS in Windows
XP, by default, will not let the user open files/folders
without a password.
Software should not be
installed on a restore with
FAT32 partition.
If the user attempts to restore the hard
drive using FAT32, there will be no
encrypt options for any files/folders using
EFS.
This is as designed.
Microsoft EFS is supported only on NTFS and will not
function on FAT32. This is a feature of Microsoft's EFS
and is not related to HP ProtectTools software.
Windows 2000 User can
share to the network any
PSD with the hidden ($)
share.
Windows 2000 User can share to the
network any PSD with the hidden ($)
share. The hidden share can be
accessed over the network using the
hidden ($) share.
The PSD is not normally shared on the network, but it
can be through the hidden ($) share in Windows 2000
only. HP recommends always having the built-in
Administrator account password-protected.
User is able to encrypt or
delete the recovery
archive XML file.
By design, the ACLs for this folder is not
set; therefore, a user can inadvertently or
purposely encrypt or delete the file,
making it inaccessible. Once this file has
been encrypted or deleted, no one can
use the TPM software.
This is as designed.
Users have access rights to an emergency archive in
order to save/update their Basic User Key backup copy.
Customers should adopt a 'best practices' security
approach and instruct users never to encrypt or delete
the recovery archive files.
HP ProtectTools
Embedded Security EFS
interaction with Symantec
Antivirus or Norton
Antivirus produces longer
Encrypted files interfere with Symantec
Antivirus or Norton Antivirus 2005 virus
scan. During the scan process, the Basic
User password prompt asks the user for
a password every 10 files or so. If the
To reduce the time required to scan HP ProtectTools
Embedded Security EFS files, the user can either enter
the encryption password before scanning or decrypt
before scanning.
ENWW
Embedded Security for ProtectTools
27