Reference Guide

Navigate the Dell Server
computer where the original user is logged in, to reinitialize the encryption keys. If policy does not permit
this, it must be inserted into the originally encrypting computer, with the originally specified user name.
On rare occasions, when encryption key material is lost, the Encryption client cannot automatically
locate the necessary information. Use the following process to recover encrypted data.
1. Attach the device to a Windows computer that is not running the Encryption client.
2. Copy all folders from the device onto the Windows computer.
3. Use WSScan to determine the DCID of the encrypted data.
4. Follow the process for recovering access to encrypted data on Windows computers. Use the
DCID obtained from WSScan for the RecoveryID.
Encryption External Media Recovery for User "Removed" from Database
When a user is removed from Active Directory (for example, after an employee termination) and the
Security Management Server receives the update from AD, the user is marked as “removed” in the
database, so that they no longer receive policy updates or endpoint access. However, if an
Administrator then needs to recover access to data on removable storage that was encrypted by the
removed user, the Administrator does not know the user's password and therefore cannot access the
external media.
Note that the Administrator will need to repeat the following process for each piece of removable
storage encrypted by the removed user, since the recovery code is per endpoint and does not apply to
every piece of media owned by that user.
The following are SQL queries to accomplish "unmarking" the removed flag for the user in the database.
1. Follow the steps below. The user in this example is "games".
The next triage resets the "removed" flag.
2. Perform a recovery through Security Management Server (meaning, lock yourself out of the
removable storage by entering an incorrect password until the recovery screen displays).
Generate an Access Code through the Security Management Server.
3. Reset the Encryption External Media password.
4. IMPORTANT - Reverse the process from step 1 to re-mark the flag as "removed" in the
database.
Enable Federated Key Recovery