HP xw8600 HP xw8600 Workstation Service and Technical Reference Guide - Page 52
Using DriveLock, Security>DriveLock Security
View all HP xw8600 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 52 highlights
a temporary user password. If you forget the user password or if the equipment is passed on to another employee, the master password can be used to reset the user password and regain access to the hard drive. HP recommends that corporate system administrators who enable DriveLock also establish a corporate policy for setting and maintaining master passwords. This should be done to prevent a situation where an employee sets both DriveLock passwords before leaving the company. In such a scenario, the hard drive is unusable and requires replacement. Likewise, by not setting a master password, system administrators might find themselves locked out of a hard drive and unable to perform routine checks for unauthorized software, other asset control functions, and support. For users with less stringent security requirements, HP does not recommend enabling DriveLock. Users in this category include personal users, or users who do not maintain sensitive data on their hard drives as a common practice. For these users, the potential loss of a hard drive resulting from forgetting both passwords is much greater than the value of the data DriveLock protects. Access to Computer Setup (F10) and DriveLock can be restricted through the setup password. By specifying a setup password and not giving it to users, system administrators can restrict users from enabling DriveLock. Using DriveLock When hard drives that support the ATA security command set are detected, DriveLock appears under the Security menu in the Computer Setup (F10) menu. You are presented with options to set the master password and to enable DriveLock. You must provide a user password to enable DriveLock. Because the initial configuration of DriveLock is typically performed by a system administrator, a master password should be set first. HP encourages system administrators to set a master password whether they plan to enable DriveLock or not. This gives the administrator the ability to modify DriveLock settings if the drive is locked in the future. After the master password is set, the system administrator can enable DriveLock or leave it disabled. If a locked hard drive is present, POST requires a password to unlock the device. If a power-on password is set and it matches the device's user password, POST does not prompt the user to re-enter the password. Otherwise, the user is prompted to enter a DriveLock password. For a cold boot, use the master or user password. For a warm boot, enter the same password used to unlock the drive during the preceding cold boot. Users have two attempts to enter a correct password. During cold boot, if neither attempt succeeds, POST continues but the drive remains inaccessible. During a warm-boot or restart from Windows, if neither attempt succeeds, POST halts and the user is instructed to cycle power. To enable and set the DriveLock user password: 1. Power on or restart the workstation. 2. As soon as the workstation is powered on, press and hold F10 until you enter the Computer Setup (F10) Utility. Press Enter to bypass the title screen, if necessary. If you do not press F!0 at the appropriate time, you must restart the workstation, and then press and hold F10 again to access the utility. If you are using a PS2 keyboard, you might see a keyboard error message. Disregard it. 3. Select Security>DriveLock Security. 4. For each DriveLock-capable drive, select a drive by pressing F10 to accept. 42 Chapter 3 System management ENWW