Administrator Guide
Table Of Contents
- Encryption Recovery v11.1
- Contents
- Getting Started with Recovery
- Policy-Based or File/Folder Encryption Recovery
- Hardware Crypto Accelerator Recovery
- Self-Encrypting Drive (SED) Recovery
- Full Disk Encryption Recovery
- Full Disk Encryption and Dell Encryption Recovery
- PBA Device Control
- General Purpose Key Recovery
- BitLocker Manager Recovery
- Password Recovery
- Encryption External Media Password Recovery
- Appendix A - Download the Recovery Environment
- Appendix B - Creating Bootable Media
General Purpose Key Recovery
The General Purpose Key (GPK) is used to encrypt part of the registry for domain users. However, during the boot process, in
rare cases, it might become corrupted and fail to unseal. If so, the following errors display in the CMGShield.log file on the client
computer:
[12.06.13 07:56:09:622 GeneralPurposeK: 268] GPK - Failure while unsealing data [error =
0xd]
[12.06.13 07:56:09:622 GeneralPurposeK: 631] GPK - Unseal failure
[12.06.13 07:56:09:622 GeneralPurposeK: 970] GPK - Failure to get keys for the registry
driver
If the GPK fails to unseal, the GPK must be recovered by extracting it from the recovery bundle that is downloaded from the
Dell Server.
Recover the GPK
Obtain the Recovery File
To download the <machinename_domain.com>.exe file that was generated when you installed Dell Data Security:
1. Open the Remote Management Console and, from the left pane, select Management > Recover Endpoint.
2. In the Hostname field, enter the fully qualified domain name of the endpoint and click Search.
3. In the Recovery window, enter a recovery Password and click Download
NOTE:
You must remember this password to access the recovery keys.
8
General Purpose Key Recovery 47