Home » HP Manuals » Laptops » HP ProBook 4525s » Manual Viewer

HP ProBook 4525s HP ProtectTools User Guide - Windows XP, Windows Vista, Windo - Page 83

Device Class Configuration, User Access Settings, Device List, User List, Example 1 - windows 8 drivers

Add to My Manuals
Save this manual to your list of manuals

Page 83 highlights

Stopping the Device Locking/Auditing service does not stop the device locking. Two components enforce device locking: ● Device Locking/Auditing service ● DAMDrv.sys driver Starting the service starts the device driver, but stopping the service does not stop the driver. To determine whether the background service is running, open a command prompt window, and then type sc query flcdlock. To determine whether the device driver is running, open a command prompt window, and then type sc query damdrv. Device Class Configuration Administrators and authorized users can view and modify lists of users and groups that are allowed or denied permission to access classes of devices or specific devices. NOTE: In order to use this view to read device access information, the user or group must be granted "read" access in the User Access Settings view. In order to use this view to modify device access information, the user or group must be granted "change" access in the User Access Settings view. The Device Class Configuration view has the following sections: ● Device List-Shows all the device classes and devices that are installed on the system or that may have been installed on the system previously. ◦ Protection is usually applied for a device class. A user or group selected will be able to access any device in the device class. ◦ Protection may also be applied to specific devices. ● User List-shows all users and groups that are allowed or denied access to the selected device class or specific device. ◦ The User List entry may be made for a specific user, or for a group of which the user is a member. ◦ If a user or group entry in the User List is unavailable, the setting has been inherited from the device class in the Device List or from the Class folder. ◦ Some device classes, such as DVD and CD-ROM, may be further controlled by allowing or denying access separately for read and write operations. As for other devices and classes, read and write access rights can be inherited. For instance, Read access may be inherited from a higher class, but Write access may be specifically denied for a user or group. NOTE: If the Read check box is blank, then the access control entry has no effect on read access to the device. It neither grants nor denies read access to the device. Example 1-If a user or group is denied write access for a device or class of devices: The same user, the same group, or a member of the same group can be granted write access or read+write access only for a device below this device in the device hierarchy. Example 2-If a user or group is allowed write access for a device or class of devices: Setup Procedures 75

Section	Page
Introduction to security	9
HP ProtectTools features	10
Achieving key security objectives	11
Protecting against targeted theft	11
Restricting access to sensitive data	11
Preventing unauthorized access from internal or external locations	11
Creating strong password policies	12
Additional security elements	13
Assigning security roles	13
Managing HP ProtectTools passwords	13
Creating a secure password	14
Backing up and restoring HP ProtectTools credentials	14
Getting started with the Setup Wizard	15
HP ProtectTools Security Manager Administrative Console	17
Opening the Administrative Console	18
Using the Administrative Console	19
Configuring your system	20
Setting up authentication for your computer	21
Logon Policy	21
Session Policy	21
Settings	22
Managing users	23
Specifying device settings	24
Fingerprints	24
Smart card	24
Face	24
Advanced settings	25
Configuring your applications	26
General tab	27
Applications tab	28
Management tools	29
Updates and Messages	30
HP ProtectTools Security Manager	31
Opening HP ProtectTools Security Manager	32
Using the Security Manager dashboard	33
Setup procedures	34
Registering credentials	34
Enrolling your fingerprints	34
Enrolling scenes	34
Advanced User Settings	35
Changing your Windows password	35
Setting up a smart card	36
General tasks	37
Password Manager	37
For Web pages or programs where a logon has not yet been created	37
For Web pages or programs where a logon has already been created	37
Adding logons	38
Editing logons	39
Using the Logons menu	39
Organizing logons into categories	39
Managing your logons	40
Assessing your password strength	40
Password Manager icon settings	41
Settings	41
Credentials	41
Your personal ID card	42
Setting your preferences	42
General	42
Fingerprint	43
Backing up and restoring your data	43
Discover more	44
Updates and Messages	44
Security Applications Status	44
Drive Encryption for HP ProtectTools (select models only)	45
Setup procedures	46
Opening Drive Encryption	46
General tasks	47
Activating Drive Encryption	47
Deactivating Drive Encryption	47
Logging in after Drive Encryption is activated	47
Protect your data by encrypting your hard drive	48
Displaying encryption status	48
Advanced tasks	49
Managing Drive Encryption (administrator task)	49
Encrypting or decrypting individual drives	49
Backup and recovery (administrator task)	49
Creating backup keys	49
Performing a recovery	50
Privacy Manager for HP ProtectTools (select models only)	51
Setup procedures	52
Opening Privacy Manager	52
Managing Privacy Manager Certificates	52
Requesting and installing a Privacy Manager Certificate	52
Requesting a Privacy Manager Certificate	53
Obtaining a preassigned Privacy Manager Corporate Certificate	53
Installing a Privacy Manager Certificate	53
Viewing Privacy Manager Certificate details	54
Renewing a Privacy Manager Certificate	54
Setting a default Privacy Manager Certificate	54
Deleting a Privacy Manager Certificate	54
Restoring a Privacy Manager Certificate	55
Revoking your Privacy Manager Certificate	55
Managing Trusted Contacts	55
Adding Trusted Contacts	56
Adding a Trusted Contact	56
Adding Trusted Contacts using Microsoft Outlook contacts	57
Viewing Trusted Contact details	57
Deleting a Trusted Contact	58
Checking revocation status for a Trusted Contact	58
General tasks	59
Using Privacy Manager in Microsoft Outlook	59
Configuring Privacy Manager for Microsoft Outlook	59
Signing and sending an e-mail message	59
Sealing and sending an e-mail message	60
Viewing a sealed e-mail message	60
Using Privacy Manager in a Microsoft Office 2007 document	60
Configuring Privacy Manager for Microsoft Office	61
Signing a Microsoft Office document	61
Adding a signature line when signing a Microsoft Word or Microsoft Excel document	61
Adding suggested signers to a Microsoft Word or Microsoft Excel document	61
Adding a suggested signer's signature line	62
Encrypting a Microsoft Office document	62
Removing encryption from a Microsoft Office document	63
Sending an encrypted Microsoft Office document	63
Viewing a signed Microsoft Office document	63
Viewing an encrypted Microsoft Office document	64
Using Privacy Manager in Windows Live Messenger	64
Starting a Privacy Manager Chat session	64
Configuring Privacy Manager for Windows Live Messenger	65
Chatting in the Privacy Manager Chat window	65
Viewing chat history	66
Reveal all sessions	66
Reveal sessions for a specific account	67
View a session ID	67
View a session	67
Search sessions for specific text	67
Delete a session	67
Add or remove columns	68
Filter displayed sessions	68
Displaying sessions for a specific account	68
Displaying sessions for a range of dates	68
Displaying sessions that are saved in a folder other than the default folder	68
Advanced tasks	69
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	69
Backing up Privacy Manager Certificates and Trusted Contacts	69
Restoring Privacy Manager Certificates and Trusted Contacts	69
Central administration of Privacy Manager	70
File Sanitizer for HP ProtectTools	71
Shredding	72
Free space bleaching	73
Setup procedures	74
Opening File Sanitizer	74
Setting a shred schedule	74
Setting a free space bleaching schedule	74
Selecting or creating a shred profile	75
Selecting a predefined shred profile	75
Customizing a shred profile	75
Customizing a simple delete profile	76
General tasks	77
Using a key sequence to initiate shredding	77
Using the File Sanitizer icon	78
Manually shredding one asset	78
Manually shredding all selected items	78
Manually activating free space bleaching	79
Aborting a shred or free space bleaching operation	79
Viewing the log files	79
Device Access Manager for HP ProtectTools (select models only)	80
Setup Procedures	81
Opening Device Access Manager	81
Configuring device access	81
Device administrators group	81
Simple Configuration	81
Starting background service	82
Device Class Configuration	83
Denying access to a user or group	84
Allowing access for a user or a group	85
Removing access for a user or a group	85
Allowing access to a class of devices for one user of a group	86
Allowing access to a specific device for one user of a group	86
Resetting the configuration	86
Advanced tasks	88
Controlling access to the configuration settings	88
Granting access to an existing group or user	88
Denying access to an existing group or user	89
Adding a new group or user	89
Removing group or user access	89
Related documentation	89
LoJack Pro for HP ProtectTools	90
Troubleshooting	91
HP ProtectTools Security Manager	91
Device Access Manager for HP ProtectTools	93
Miscellaneous	95
Glossary	96

Match case Limit results 1 per page

Stopping the Device Locking/Auditing service does not stop the device locking. Two components

enforce device locking:

●

Device Locking/Auditing service

●

DAMDrv.sys driver

Starting the service starts the device driver, but stopping the service does not stop the driver.

To determine whether the background service is running, open a command prompt window, and then

type

sc query flcdlock

To determine whether the device driver is running, open a command prompt window, and then type

query damdrv

Device Class Configuration

Administrators and authorized users can view and modify lists of users and groups that are allowed or

denied permission to access classes of devices or specific devices.

NOTE:

In order to use this view to read device access information, the user or group must be granted

"read" access in the

User Access Settings

view. In order to use this view to modify device access

information, the user or group must be granted "change" access in the

User Access Settings

view.

The Device Class Configuration view has the following sections:

●

Device List

—Shows all the device classes and devices that are installed on the system or that

may have been installed on the system previously.

◦

Protection is usually applied for a device class. A user or group selected will be able to access

any device in the device class.

◦

Protection may also be applied to specific devices.

●

User List

—shows all users and groups that are allowed or denied access to the selected device

class or specific device.

◦

The User List entry may be made for a specific user, or for a group of which the user is a

member.

◦

If a user or group entry in the User List is unavailable, the setting has been inherited from the

device class in the Device List or from the Class folder.

◦

Some device classes, such as DVD and CD-ROM, may be further controlled by allowing or

denying access separately for read and write operations.

As for other devices and classes, read and write access rights can be inherited. For instance,

Read access may be inherited from a higher class, but Write access may be specifically

denied for a user or group.

NOTE:

If the Read check box is blank, then the access control entry has no effect on read

access to the device. It neither grants nor denies read access to the device.

Example 1

—If a user or group is denied write access for a device or class of devices:

The same user, the same group, or a member of the same group can be granted write access

or read+write access only for a device below this device in the device hierarchy.

Example 2

—If a user or group is allowed write access for a device or class of devices:

Setup Procedures