Administrator Guide
Use EnCase with Dell Encryption
CEGetBundle
CEGetBundle is a utility which allows forensic administrators to pull key material from a Dell Server. This utility is available through Dell
ProSupport.
The following table details the parameters available for the installation.
Parameters (Parameters are case sensitive)
-L = Legacy mode for exporting keys from a CMG 5.3.x Server
-X = URL for the Security Server (Default Security Server for a server at “SecurityServer.Organization.Com” would be:
https://securityserver.organization.com:8443/xapi/)
-a = AdminName, an account defined within the Security Management Server with forensic administrator rights, account user name
-A = AdminPwd, an account defined within the Security Management Server with forensic administrator rights, account password
-D = AdminDomain, the domain for the username that is defined within the Security Management Server with Forensic
Administrator rights
-d = MCID, Machine ID for the target device (also known as the Unique ID or FQDN of the device)
-s = SCID, Shield ID for the target device (also known as DCID or Recovery ID, can be found by using WSScan to find a “Common”
key encrypted file)
-u = Username, User targeted for key material export (legacy mode only)
-o = OutputFile, File name for the exported key bundle
-i = OutputPwd, Password for the exported key bundle
-R = Use backup file mode
-b = BackupFile, The previously downloaded keybundle containing the encryption keys
-A = BackupPwd, The administrator password used for the backup file
NOTE: The AdminDomain parameter should be supplied only for exporting keys from CMG Enterprise Edition 6.0 and later servers
configured to support multiple domains.
NOTE: In legacy mode, the MCID, SCID, and Username must be specified. The key material for only the specified user will be appended to
the output file. You must run this tool with the same output filename for each user on the device targeted for decryption if user or
user-roaming encryption is enabled. Each user's key material will be appended to the output file.
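The legacy-mode procedure in the note above, as an added PowerShell example (not part of the Dell guide or the CEGetBundle tool): it runs CEGetBundle once per user with the same output file and checks that the file grows after each run. The install path, server URL, account name and user names are placeholder assumptions; only the switches come from the parameter list.

```powershell
# Added example: CEGetBundle legacy mode (-L), one run per user on the device.
# Every value below is a placeholder; only the switches come from the guide.
$CEGetBundle = 'C:\Tools\CEGetBundle.exe'                 # assumed install path
$ServerUrl   = 'https://securityserver.organization.com:8443/xapi/'
$AdminName   = 'forensicadmin'                            # placeholder account
$MCID        = 'machine774.somedomain.com'
$SCID        = 'ALD25WL7'
$Users       = @('user1', 'user2')                        # all users on the target device
$OutputFile  = 'C:\temp\KeyBundle.bin'

# Start from a new file so the bundle holds only this device's appended keys.
if (Test-Path -LiteralPath $OutputFile) {
    throw "Output file '$OutputFile' already exists; choose a new name."
}

# Prompt for both passwords so they are not stored in the script or shell history.
function Read-Secret([string]$Prompt) {
    $secure = Read-Host -Prompt $Prompt -AsSecureString
    return [System.Net.NetworkCredential]::new('', $secure).Password
}
$AdminPwd  = Read-Secret 'Forensic administrator password'
$OutputPwd = Read-Secret 'Password for the exported key bundle'

# Helper: current size of the output file, 0 if it does not exist yet.
function Get-BundleSize {
    if (Test-Path -LiteralPath $OutputFile) { (Get-Item -LiteralPath $OutputFile).Length } else { 0 }
}

foreach ($User in $Users) {
    $before = Get-BundleSize

    # Switch and value are joined without a space, as in the guide's syntax line.
    # The passwords remain visible in the process command line while the tool runs.
    & $CEGetBundle '-L' "-X$ServerUrl" "-a$AdminName" "-A$AdminPwd" `
        "-d$MCID" "-s$SCID" "-u$User" "-o$OutputFile" "-i$OutputPwd"

    # The guide says each user's key material is appended; stop if the file did not grow.
    $after = Get-BundleSize
    if ($after -le $before) {
        throw "No key material was appended for user '$User'."
    }
    Write-Host "Appended key material for $User ($($after - $before) bytes)"
}
```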
Example Command Line
• The following example uses the MCID, SCID, or both. All key material associated with the specified machine (MCID), SCID, or both
is saved to the output file, which is overwritten if it exists.
CEGetBundle [-L] -XURL -aAdminName -AAdminPwd [-DAdminDomain] [-dMCID] [-sSCID] [-uUsername] -oOutputFile -iOutputPwd
The following details the previous example command with example parameter values:
CEGetBundle.exe -L -Xhttps://cred01.domain.com:8081/xapi -ajsmith -Achangeit -dmachine774.somedomain.com -sALD25WL7 -ucstevens -o"C:\temp\KeyBundle.bin" -iKeyP@ssw0rd
• The following example extracts key material from the backup file exported by the installer.