Reference Guide
Security Management Server v10.2.7 AdminHelp
85
Cloud device commands apply to the selected endpoint and are carried out from the Cloud Device
Control section of the device's endpoint page. Unlike policies, commands are pushed to the device to
enable an action.
Commands:
Suspend - Suspends the endpoint device. It does not suspend the user account.
Unsuspend - Unsuspends the endpoint device.
FDE Device Control (Windows only)
Current State of the Endpoint - Unlocked or Locked
Commands:
PBA commands for a specific endpoint are carried out in the PBA Device Control area. Each command
has a priority ranking. A command with a higher priority rank cancels commands of lower priorities in the
enforcement queue. For a list of command priority rankings, see
Priority of Commands for Self-
Encrypting Drives.
Lock - Locks the PBA screen and prevents any user from logging into the computer.
Unlock - Unlocks the PBA screen after it has been locked on this endpoint, either by sending a Lock
command or by exceeding the maximum number of authentications attempts allowed by policy.
Remove Users - Removes all users from the PBA.
Bypass Login - Bypasses the PBA screen one time to allow a user into the computer without
authenticating. The user will still need to login to Windows after PBA has been bypassed.
Wipe - The Wipe command functions as a “restore to factory state” for the FDE drive. The Wipe
command can be used to re-purpose a computer or, in an emergency situation, wipe the computer,
making the data permanently unrecoverable. When the wipe command is consumed by the client, all
history and details about this endpoint are removed from the Dell Server. Ensure that this is the desired
behavior before invoking this command.
The FDE Device Control Table
The table lists the commands most recently sent to the PBA Device.
To sort the table, click a column header.
PBA Device Control (Windows only)
Current State of the Endpoint - Unlocked or Locked
Commands:
PBA commands for a specific endpoint are carried out in the PBA Device Control area. Each command
has a priority ranking. A command with a higher priority rank cancels commands of lower priorities in the
enforcement queue. For a list of command priority rankings, see
Priority of Commands for Self-
Encrypting Drives.
Lock - Locks the PBA screen and prevents any user from logging into the computer.
Unlock - Unlocks the PBA screen after it has been locked on this endpoint, either by sending a Lock
command or by exceeding the maximum number of authentications attempts allowed by policy.
Remove Users - Removes all users from the PBA.
Bypass Login - Bypasses the PBA screen one time to allow a user into the computer without
authenticating. The user will still need to login to Windows after PBA has been bypassed.