Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
21222324252627282930
[HKLM\SOFTWARE\DELL\Dell Data Protection]
SmartCardServiceCheck=REG_DWORD:0
0 = Enabled
1 = Disabled
To prevent Full Disk Encryption from disabling third-party credential providers, create the following registry key:
HKLM\SOFTWARE\Dell\Dell Data Protection\
"AllowOtherCredProviders" = DWORD:1
0=Disabled (default)
1=Enabled
NOTE: This value may prevent the Dell credential provider from properly syncing credentials initially due to third-party
credential providers being disabled. Ensure the devices using this registry key can properly communicate with the Dell
Server.
To suppress all Toaster notifications from the Encryption Management Agent, the following registry value must be set on the
client computer.
[HKEY_LOCAL_MACHINE\SOFTWARE\Dell\Dell Data Protection]
"PbaToastersAllowClose" =DWORD:1
0=Enabled (default)
1=Disabled
To allow installation of Full Disk Encryption with Policy Based Encryption, the following registry value must be set on the
client computer.
[HKEY_LOCAL_MACHINE\SOFTWARE\Dell\Dell Data Protection]
" EnableFDE" = DWORD: 1
0=Disabled (default)
1=Enabled
BitLocker Manager
If a self-signed certificate is used on the Dell Server for BitLocker Manager, SSL/TLS trust validation must remain disabled
on the client computer (SSL/TLS trust validation is disabled by default with BitLocker Manager). Before enabling SSL/TLS
trust validation on the client computer, the following requirements must be met.
A certificate signed by a root authority, such as EnTrust or Verisign, must be imported into Dell Server.
The full chain of trust of the certificate must be stored in the Microsoft keystore on the client computer.
To enable SSL/TLS trust validation for BitLocker Manager, change the value of the following registry entry to 0 on the
client computer.
[HKLM\System\CurrentControlSet\Services\DellMgmtAgent\Parameters]
"DisableSSLCertTrust"=DWORD:0
0 = Enabled
1 = Disabled
To prevent Bitlocker Manager from detecting removable disks as fixed disks, add the following registry key:
HKLM\Software\Dell\Dell Data Protection\
"UseEncryptableVolumeType" = DWORD:1
0=Disabled (default)
1=Enabled
Registry Settings
27