Home » HP Manuals » Laptops » HP ProBook 4525s » Manual Viewer

HP ProBook 4525s HP ProtectTools User Guide - Windows XP, Windows Vista, Windo - Page 93

Device Access Manager for HP ProtectTools, Device Access Manager - reviews

Add to My Manuals
Save this manual to your list of manuals

Page 93 highlights

Device Access Manager for HP ProtectTools Users have been denied access to devices within Device Access Manager, but the devices are still accessible. ● Explanation-Simple Configuration and/or Device Class Configuration have been used within Device Access Manager to deny users access to devices. Despite being denied access, users can still access the devices. ● Solution: ◦ Verify that the HP ProtectTools Device Locking service has started. ◦ As an administrative user, click Control Panel, and then click System and Maintenance. In the Administrative Tools window, click Services, and search for the HP ProtectTools Device Locking/Auditing service. Be sure that the service is started and that the startup type is Automatic A user has unexpected access to a device, or a user is unexpectedly denied access to a device. ● Explanation-Device Access Manager has been used to deny users access to some devices and allow users access to other devices. When the user is using the system, they can access devices they believe Device Access Manager has denied and are denied access to devices they believe Device Access Manager should allow. ● Solution: ◦ Use the Device Class Configuration within Device Access Manager to investigate the user's device settings. ◦ Click Security Manager, click Device Access Manager, and then click Device Class Configuration. Expand the levels in the Device Class tree and review the settings applicable to this user. Check for any "Deny" permissions that may be set on the user or any Windows Group of which they may be a member, e.g., Users, Administrators. Allow or deny-which takes precedence? ● Explanation-Within Device Class Configuration, the following configuration has been set: ◦ The Allow permission has been granted to a Windows group (e.g., BUILTIN\Administrators) and the Deny permission has been granted to another Windows group (e.g., BUILTIN\Users) at the same level in the device class hierarchy (e.g., DVD/CD-ROM Drives). ◦ If a user is a member of both those groups (e.g., Administrator), which takes precedence? ● Solution: ◦ The user is denied access to the device. Deny takes precedence over Allow. ◦ Access is denied because of the way in which Windows works out the effective permission for the device. One group is denied, and one group is allowed, but the user is a member of both groups. The user is denied because denying access is given precedence over allowing access. Device Access Manager for HP ProtectTools 85

Section	Page
Introduction to security	9
HP ProtectTools features	10
Achieving key security objectives	11
Protecting against targeted theft	11
Restricting access to sensitive data	11
Preventing unauthorized access from internal or external locations	11
Creating strong password policies	12
Additional security elements	13
Assigning security roles	13
Managing HP ProtectTools passwords	13
Creating a secure password	14
Backing up and restoring HP ProtectTools credentials	14
Getting started with the Setup Wizard	15
HP ProtectTools Security Manager Administrative Console	17
Opening the Administrative Console	18
Using the Administrative Console	19
Configuring your system	20
Setting up authentication for your computer	21
Logon Policy	21
Session Policy	21
Settings	22
Managing users	23
Specifying device settings	24
Fingerprints	24
Smart card	24
Face	24
Advanced settings	25
Configuring your applications	26
General tab	27
Applications tab	28
Management tools	29
Updates and Messages	30
HP ProtectTools Security Manager	31
Opening HP ProtectTools Security Manager	32
Using the Security Manager dashboard	33
Setup procedures	34
Registering credentials	34
Enrolling your fingerprints	34
Enrolling scenes	34
Advanced User Settings	35
Changing your Windows password	35
Setting up a smart card	36
General tasks	37
Password Manager	37
For Web pages or programs where a logon has not yet been created	37
For Web pages or programs where a logon has already been created	37
Adding logons	38
Editing logons	39
Using the Logons menu	39
Organizing logons into categories	39
Managing your logons	40
Assessing your password strength	40
Password Manager icon settings	41
Settings	41
Credentials	41
Your personal ID card	42
Setting your preferences	42
General	42
Fingerprint	43
Backing up and restoring your data	43
Discover more	44
Updates and Messages	44
Security Applications Status	44
Drive Encryption for HP ProtectTools (select models only)	45
Setup procedures	46
Opening Drive Encryption	46
General tasks	47
Activating Drive Encryption	47
Deactivating Drive Encryption	47
Logging in after Drive Encryption is activated	47
Protect your data by encrypting your hard drive	48
Displaying encryption status	48
Advanced tasks	49
Managing Drive Encryption (administrator task)	49
Encrypting or decrypting individual drives	49
Backup and recovery (administrator task)	49
Creating backup keys	49
Performing a recovery	50
Privacy Manager for HP ProtectTools (select models only)	51
Setup procedures	52
Opening Privacy Manager	52
Managing Privacy Manager Certificates	52
Requesting and installing a Privacy Manager Certificate	52
Requesting a Privacy Manager Certificate	53
Obtaining a preassigned Privacy Manager Corporate Certificate	53
Installing a Privacy Manager Certificate	53
Viewing Privacy Manager Certificate details	54
Renewing a Privacy Manager Certificate	54
Setting a default Privacy Manager Certificate	54
Deleting a Privacy Manager Certificate	54
Restoring a Privacy Manager Certificate	55
Revoking your Privacy Manager Certificate	55
Managing Trusted Contacts	55
Adding Trusted Contacts	56
Adding a Trusted Contact	56
Adding Trusted Contacts using Microsoft Outlook contacts	57
Viewing Trusted Contact details	57
Deleting a Trusted Contact	58
Checking revocation status for a Trusted Contact	58
General tasks	59
Using Privacy Manager in Microsoft Outlook	59
Configuring Privacy Manager for Microsoft Outlook	59
Signing and sending an e-mail message	59
Sealing and sending an e-mail message	60
Viewing a sealed e-mail message	60
Using Privacy Manager in a Microsoft Office 2007 document	60
Configuring Privacy Manager for Microsoft Office	61
Signing a Microsoft Office document	61
Adding a signature line when signing a Microsoft Word or Microsoft Excel document	61
Adding suggested signers to a Microsoft Word or Microsoft Excel document	61
Adding a suggested signer's signature line	62
Encrypting a Microsoft Office document	62
Removing encryption from a Microsoft Office document	63
Sending an encrypted Microsoft Office document	63
Viewing a signed Microsoft Office document	63
Viewing an encrypted Microsoft Office document	64
Using Privacy Manager in Windows Live Messenger	64
Starting a Privacy Manager Chat session	64
Configuring Privacy Manager for Windows Live Messenger	65
Chatting in the Privacy Manager Chat window	65
Viewing chat history	66
Reveal all sessions	66
Reveal sessions for a specific account	67
View a session ID	67
View a session	67
Search sessions for specific text	67
Delete a session	67
Add or remove columns	68
Filter displayed sessions	68
Displaying sessions for a specific account	68
Displaying sessions for a range of dates	68
Displaying sessions that are saved in a folder other than the default folder	68
Advanced tasks	69
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	69
Backing up Privacy Manager Certificates and Trusted Contacts	69
Restoring Privacy Manager Certificates and Trusted Contacts	69
Central administration of Privacy Manager	70
File Sanitizer for HP ProtectTools	71
Shredding	72
Free space bleaching	73
Setup procedures	74
Opening File Sanitizer	74
Setting a shred schedule	74
Setting a free space bleaching schedule	74
Selecting or creating a shred profile	75
Selecting a predefined shred profile	75
Customizing a shred profile	75
Customizing a simple delete profile	76
General tasks	77
Using a key sequence to initiate shredding	77
Using the File Sanitizer icon	78
Manually shredding one asset	78
Manually shredding all selected items	78
Manually activating free space bleaching	79
Aborting a shred or free space bleaching operation	79
Viewing the log files	79
Device Access Manager for HP ProtectTools (select models only)	80
Setup Procedures	81
Opening Device Access Manager	81
Configuring device access	81
Device administrators group	81
Simple Configuration	81
Starting background service	82
Device Class Configuration	83
Denying access to a user or group	84
Allowing access for a user or a group	85
Removing access for a user or a group	85
Allowing access to a class of devices for one user of a group	86
Allowing access to a specific device for one user of a group	86
Resetting the configuration	86
Advanced tasks	88
Controlling access to the configuration settings	88
Granting access to an existing group or user	88
Denying access to an existing group or user	89
Adding a new group or user	89
Removing group or user access	89
Related documentation	89
LoJack Pro for HP ProtectTools	90
Troubleshooting	91
HP ProtectTools Security Manager	91
Device Access Manager for HP ProtectTools	93
Miscellaneous	95
Glossary	96

Match case Limit results 1 per page

Device Access Manager for HP ProtectTools

Users have been denied access to devices within Device Access Manager, but the devices are

still accessible.

●

Explanation

—Simple Configuration and/or Device Class Configuration have been used within

Device Access Manager to deny users access to devices. Despite being denied access, users can

still access the devices.

●

Solution:

◦

Verify that the HP ProtectTools Device Locking service has started.

◦

As an administrative user, click

Control Panel

, and then click

System and Maintenance

. In

the Administrative Tools window, click

Services

, and search for the

HP ProtectTools Device

Locking/Auditing

service. Be sure that the service is started and that the startup type is

Automatic

A user has unexpected access to a device, or a user is unexpectedly denied access to a device.

●

Explanation

—Device Access Manager has been used to deny users access to some devices and

allow users access to other devices. When the user is using the system, they can access devices

they believe Device Access Manager has denied and are denied access to devices they believe

Device Access Manager should allow.

●

Solution:

◦

Use the Device Class Configuration within Device Access Manager to investigate the user's

device settings.

◦

Click

Security Manager

, click

Device Access Manager

, and then click

Device Class

Configuration

. Expand the levels in the Device Class tree and review the settings applicable

to this user. Check for any “Deny” permissions that may be set on the user or any Windows

Group of which they may be a member, e.g., Users, Administrators.

Allow or deny—which takes precedence?

●

Explanation

—Within Device Class Configuration, the following configuration has been set:

◦

The Allow permission has been granted to a Windows group (e.g., BUILTIN\Administrators)

and the Deny permission has been granted to another Windows group (e.g., BUILTIN\Users)

at the same level in the device class hierarchy (e.g., DVD/CD-ROM Drives).

◦

If a user is a member of both those groups (e.g., Administrator), which takes precedence?

●

Solution:

◦

The user is denied access to the device. Deny takes precedence over Allow.

◦

Access is denied because of the way in which Windows works out the effective permission

for the device. One group is denied, and one group is allowed, but the user is a member of

both groups. The user is denied because denying access is given precedence over allowing

access.

Device Access Manager for HP ProtectTools