Manualshelf

Install Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise
101102103104105106107108109110
1. When restarted after a successful initial activation, a computer with Server Encryption automatically authenticates using the
virtual server user account and runs the Encryption client in Server mode.
2. The computer checks its device activation status with the Dell Server:
If the computer has not previously device-activated, the Dell Server assigns the computer an MCID, a DCID, and a trust
certificate, and stores all of the information in the Dell Server's vault.
If the computer had previously been device-activated, the Dell Server verifies the trust certificate.
3. After the Dell Server assigns the trust certificate to the server, the server can access its encryption keys.
4. Device activation is successful.
NOTE:
When running in Server mode, the Encryption client must have access to the same certificate as was used for device
activation to access the encryption keys.
(Optional) Create an Encryption Removal Agent Log File
Before beginning the uninstall process, you can optionally create an Encryption Removal Agent log file. This log file is useful
for troubleshooting an uninstall/decryption operation. If you do not intend to decrypt files during the uninstall process, you
do not need to create this log file.
The Encryption Removal Agent log file is not created until after the Encryption Removal Agent service runs, which does not
happen until the computer is restarted. Once the client is successfully uninstalled and the computer is fully decrypted, the
log file is permanently deleted.
The log file path is C:\ProgramData\Dell\Dell Data Protection\Encryption.
Create the following registry entry on the computer targeted for decryption.
[HKLM\Software\Credant\DecryptionAgent]
"LogVerbosity"=DWORD:2
0: no logging
1: logs errors that prevent the service from running
2: logs errors that prevent complete data decryption (recommended level)
3: logs information about all decrypting volumes and files
5: logs debugging information
Find TSS Version
TSS is a component that interfaces with the TPM. To find the TSS version, go to (default location) C:\Program Files
\Dell\Dell Data Protection\Drivers\TSS\bin > tcsd_win32.exe. Right-click the file and select
Properties. Verify the file version on the Details tab.
106
Troubleshooting