HP Dc5700 HP ProtectTools Security Manager Guide - Page 35
open Embedded Security, Click Yes
UPC - 882780819535
View all HP Dc5700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 35 highlights
Short description Details Solution the system becomes active after Standby status Basic User password. If the user does not enter the password and the system goes into Standby, the password dialog box is no longer available when the user resumes. The user has to log off and back on to view the PSD password box again. No password required to change the Security Platform Policies. Access to Security Platform Policies (both Machine and User) does not require a TPM password for users who have administrative rights on the system. This is by design. Any administrator can modify the Security Platform Policies with or without TPM user initialization. Microsoft EFS does not fully work in Windows 2000. An administrator can access encrypted information on the system without knowing the correct password. If the administrator enters an incorrect password or cancels the password dialog, the encrypted file will open as if the administrator had entered the correct password. This happens regardless of the security settings used when encrypting the data. This occurs only in the first administrator account on Windows 2000. The Data Recovery Policy is automatically configured to designate an administrator as a recovery agent. When a user key cannot be retrieved (as in the case of entering the wrong password or canceling the Enter Password dialog), the file is automatically decrypted with a recovery key. This is due to the Microsoft EFS. Please refer to Microsoft Knowledge Base Technical Article Q257705 at http://www.microsoft.com for more information. The documents cannot be opened by a nonadministrator user When viewing a certificate, it shows as non-trusted. After setting up HP ProtectTools and running the User Initialization Wizard, the user has the ability to view the certificate issued; however, when viewing the certificate, it shows as non-trusted. While the certificate can be installed at this point by clicking the install button, installing it does not make it trusted. Self-signed certificates are not trusted. In a properly configured enterprise environment, EFS certificates are issued by online Certification Authorities and are trusted. Intermittent encrypt and decrypt error occurs: The process cannot access the file because it is being used by another process. Extremely intermittent error during file encryption or decryption occurs due to the file being used by another process, even though that file or folder is not being processed by the operating system or other applications. To resolve the failure: 1. Restart the system. 2. Log off. 3. Log back in. Data loss in removable storage occurs if storage is removed prior to new data generation or transfer. Removing storage mediums such as a MultiBay hard drive still shows PSD availability and does not generate errors while adding/modifying data to the PSD. After system restart, the PSD does not reflect file changes that occurred while the removable storage was not available. The issue is only experienced if the user accesses the PSD, then removes the hard drive before completing new data generation or transfer. If the user attempts to access the PSD when the removable hard drive is not present, an error message is displayed stating that the device is not ready. During uninstall, if user has not initialized the Basic User and opens the Administration tool, the Disable option is not available and Uninstaller will not continue until the Administration tool is closed. The user has the option of uninstalling either without disabling the TPM or by first disabling the TPM (through Admin. tool), then uninstalling. Accessing the Admin tool requires Basic User Key initialization. If basic initialization has not occurred, all options are inaccessible to the user. Since the user has explicitly chosen to open the Admin tool (by clicking Yes in the dialog box prompting Click Yes to open Embedded Security Administration tool), uninstall waits The Admin tool is used for disabling the TPM chip, but that option is not available unless the Basic User Key has already been initialized. If it has not, then select OK or Cancel in order to continue with the uninstallation process. ENWW Embedded Security for ProtectTools 29