Compaq 2710p ProtectTools - Windows Vista and Windows XP - Page 80
Power-on, authentication support, Reset to Factory, Settings, Reset to Factory Settings
View all Compaq 2710p manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 80 highlights
Software Impacted- Short description Details Solution an error is returned when upper right of the screen to close closing the Security Security Manager before all plug-in Manager interface. applications have finished loading. Manager. Since PTHOST.exe is the shell housing the other applications (plug-ins), it depends on the ability of the plug-in to complete its load time (services). Closing the shell before the plug-in has had time to complete loading is the root cause. Allow Security Manager to complete the services loading message (seen at top of Security Manager window) and all plug-ins listed in left column. To avoid failure, allow a reasonable time for these plug-ins to load. HP ProtectTools- Unrestricted access or uncontrolled administrator privileges pose security risk. Numerous risks are possible with unrestricted access to the client PC, including the following: ● Deletion of PSD ● Malicious modification of user settings ● Disabling of security policies and functions Administrators are encouraged to follow "best practices" in restricting end-user privileges and restricting user access. Unauthorized users should not be granted administrative privileges. The BIOS and OS Embedded Security passwords are out of synch. If a user does not validate a new password as the BIOS Embedded Security password, the BIOS Embedded Security password reverts back to the original embedded security password through f10 BIOS. This is functioning as designed; these passwords can be re-synchronized by changing the OS Basic User password and authenticating it at the BIOS Embedded Security password prompt. Only one user can log on to the system after TPM preboot authentication is enabled in BIOS. The TPM BIOS PIN is associated with the first user who initializes the user setting. If a computer has multiple users, the first user is, in essence, the administrator. The first user will have to give his TPM user PIN to other users to use to log on. This is functioning as designed; HP recommends that the customer's IT department follow good security policies for rolling out their security solution and ensuring that the BIOS administrator password is configured by IT administrators for system level protection. The user has to change their PIN to make TPM preboot work after a TPM factory reset. The user has to change their PIN or create another user to initialize their user setting to make TPM BIOS authentication work after reset. There is no option to make TPM BIOS authentication work. This is as designed; the factory reset clears the Basic User Key. The user must change his user PIN or create a new user to re-initialize the Basic User Key. Power-on authentication support is not set to default using Embedded Security Reset to Factory Settings In Computer Setup, the Power-on authentication support option is not being reset to factory settings when using the Embedded Security Device option Reset to Factory Settings. By default, Power-on authentication support is set to Disable. The Reset to Factory Settings option disables Embedded Security Device, which hides the other Embedded Security options (including Power-on authentication support). However, after reenabling Embedded Security Device, Power-on authentication support remains enabled. HP is working on a resolution, which will be provided in future Web-based ROM SoftPaq offerings. 74 Chapter 8 Troubleshooting ENWW