HP Dc5850 HP Protect Tools Guide - Page 59

Embedded Security for HP ProtectTools - bios reset

Get HP Dc5850 - Compaq Business Desktop PDF manuals and user guides
UPC - 884962022993
View all HP Dc5850 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 59 highlights

Short description Details Solution Restoring Embedded Credential Manager fails to register any The HP Credential Manager for ProtectTools fails to Security causes credentials after the ROM is restored to access the TPM if the ROM was reset to factory settings Credential Manager to fail. factory settings. after the Credential Manager installation. The TPM embedded security chip can be enabled in the BIOS Computer Setup utility, BIOS Configuration for ProtectTools, or HP Client Manager. To enable the TPM embedded security chip: 1. Open Computer Setup by turning on or restarting the computer, and then pressing F10 while the F10 = ROM Based Setup message is displayed in the lower-left corner of the screen. 2. Use the arrow keys to select Security > Setup Password. Set a password. 3. Select Embedded Security Device. 4. Use the arrow keys to select Embedded Security Device-Disable. Use the arrow keys to change it to Embedded Security Device-Enable. 5. Select Enable > Save changes and exit. HP is investigating resolution options for future customer software releases. Security Restore Identity process loses association with virtual token. When user restores identity, Credential Manager can lose association with the location of the virtual token at login screen. Even though Credential Manager has the virtual token registered, user must reregister the token to restore association. This is currently by design. When uninstalling Credential Manager without keeping identities, the system (server) part of the token is destroyed, so the token cannot be used anymore for logon, even if the client part of the token is restored through identity restore. HP is investigating long-term options for resolution. Embedded Security for HP ProtectTools Short description Details Solution Encrypting folders, sub folders, and files on PSD causes error message. If the user copies files and folders to the PSD and tries to encrypt folders/files or folders/subfolders, the Error Applying Attributes message appears. The user can encrypt the same files on the C:\ drive on an extra installed hard drive. This is as designed. Moving files/folders to the PSD automatically encrypts them. There is no need to "double-encrypt" the files/ folders. Attempting to double-encrypt them using on the PSD using EFS will produce this error message. Cannot Take Ownership With Another OS In MultiBoot Platform. If a drive is set up for multiple OS boot, ownership can only be taken with the platform initialization wizard in one operating system. This is as designed, for security reasons. Unauthorized administrator can view, delete, rename, or move the contents of encrypted EFS folders. Encrypting a folder does not stop an unauthorized user with administrative rights to view, delete, or move contents of the folder. This is as designed. It is a feature of EFS, not the Embedded Security TPM. Embedded Security uses Microsoft EFS software, and EFS preserves file/folder access rights for all administrators. Encrypted folders with EFS in Windows 2000 are not shown highlighted in green. Encrypted folders with EFS are highlighted in green in Windows XP, but not in Windows 2000. This is as designed. It is a feature of EFS that it does not highlight encrypted folders in Windows 2000, but it does in Windows XP. Embedded Security for HP ProtectTools 53

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
Short description
Details
Solution
Restoring Embedded
Security causes
Credential Manager to fail.
Credential Manager fails to register any
credentials after the ROM is restored to
factory settings.
The HP Credential Manager for ProtectTools fails to
access the TPM if the ROM was reset to factory settings
after the Credential Manager installation.
The TPM embedded security chip can be enabled in the
BIOS Computer Setup utility, BIOS Configuration for
ProtectTools, or HP Client Manager. To enable the
TPM embedded security chip:
1.
Open Computer Setup by turning on or restarting
the computer, and then pressing
F10
while the
F10 = ROM Based Setup
message is displayed
in the lower-left corner of the screen.
2.
Use the arrow keys to select
Security
>
Setup
Password
. Set a password.
3.
Select
Embedded Security Device
.
4.
Use the arrow keys to select
Embedded Security
Device—Disable
. Use the arrow keys to change
it to
Embedded Security Device—Enable
.
5.
Select
Enable
>
Save changes and exit
.
HP is investigating resolution options for future
customer software releases.
Security
Restore Identity
process loses association
with virtual token.
When user restores identity, Credential
Manager can lose association with the
location of the virtual token at login
screen. Even though Credential
Manager has the virtual token registered,
user must reregister the token to restore
association.
This is currently by design.
When uninstalling Credential Manager without keeping
identities, the system (server) part of the token is
destroyed, so the token cannot be used anymore for
logon, even if the client part of the token is restored
through identity restore.
HP is investigating long-term options for resolution.
Embedded Security for HP ProtectTools
Short description
Details
Solution
Encrypting folders, sub
folders, and files on PSD
causes error message.
If the user copies files and folders to the
PSD and tries to encrypt folders/files or
folders/subfolders, the
Error Applying
Attributes
message appears. The user
can encrypt the same files on the C:\
drive on an extra installed hard drive.
This is as designed.
Moving files/folders to the PSD automatically encrypts
them. There is no need to “double-encrypt” the files/
folders. Attempting to double-encrypt them using on the
PSD using EFS will produce this error message.
Cannot Take Ownership
With Another OS In
MultiBoot Platform.
If a drive is set up for multiple OS boot,
ownership can only be taken with the
platform initialization wizard in one
operating system.
This is as designed, for security reasons.
Unauthorized
administrator can view,
delete, rename, or move
the contents of encrypted
EFS folders.
Encrypting a folder does not stop an
unauthorized user with administrative
rights to view, delete, or move contents
of the folder.
This is as designed.
It is a feature of EFS, not the Embedded Security TPM.
Embedded Security uses Microsoft EFS software, and
EFS preserves file/folder access rights for all
administrators.
Encrypted folders with
EFS in Windows 2000 are
not shown highlighted in
green.
Encrypted folders with EFS are
highlighted in green in Windows XP, but
not in Windows 2000.
This is as designed.
It is a feature of EFS that it does not highlight encrypted
folders in Windows 2000, but it does in Windows XP.
Embedded Security for HP ProtectTools
53