Install Guide
msiexec.exe /i "Dell Data Protection Encryption.msi" /qn REBOOT="ReallySuppress"
SERVERMODE="1" SERVERHOSTNAME="server.organization.com"
POLICYPROXYHOSTNAME="rgk.organization.com" MANAGEDDOMAIN="ORGANIZATION"
DEVICESERVERURL="https://server.organization.com:8443/xapi/"
● The following example installs Encryption in server operating system mode with a log file and default parameters (Encryption,
silent installation, Encrypt for Sharing, no dialogue, no progress bar, no restart, installed in the default location of
C:\Program Files\Dell\Dell Data Protection\Encryption) and specifies a custom log file name ending with
a number (DDP_ssos-090.log) that is incremented if the command line is run more than once on the same server. To specify
a log location other than the default location where the executable is located, provide the complete path in the command.
For example, /l*v C:\Logs\DDP_ssos-090.log creates install logs in C:\Logs.
DDPE_XXbit_setup.exe /s /v"SERVERMODE=1 SERVERHOSTNAME=server.organization.com
POLICYPROXYHOSTNAME=rgk.organization.com MANAGEDDOMAIN=ORGANIZATION
DEVICESERVERURL=https://server.organization.com:8443/xapi/ /l*v DDP_ssos-090.log /
norestart/qn"
MSI Command:
msiexec.exe /i "Dell Data Protection Encryption.msi" /qn SERVERMODE="1"
SERVERHOSTNAME="server.organization.com" POLICYPROXYHOSTNAME="rgk.organization.com"
MANAGEDDOMAIN="ORGANIZATION" DEVICESERVERURL="https://server.organization.com:8443/
xapi/" /l*v DDP_ssos-090.log /norestart/qn"
Restart the computer after installation. Dell recommends snoozing the reboot only if time is needed to save your work and close
applications. Encryption cannot begin until the computer has rebooted.
Activate
● Ensure that the computer name of the server is the endpoint name to display in the Management Console.
● An interactive user with domain administrator credentials must log on to the server at least once for the purpose of the initial
activation. The logged on user can be of any type - domain or non-domain, remote desktop-connected or interactive user at
the server, but activation requires domain administrator credentials.
● Following the restart after installation, the Activation dialog displays. The administrator must enter domain administrator
credentials with a user name in User Principal Name (UPN) format. Encryption of server operating systems does not activate
automatically.
● During initial activation, a virtual server user account is created. After initial activation, the computer is restarted so that
device activation can begin.
● During the authentication and device activation phase, the computer is assigned a unique Machine ID, encryption keys are
created and bundled, and a relationship is established between the encryption key bundle and the virtual server user. The
encryption key bundle associates the encryption keys and policies with the new virtual server user to create an unbreakable
relationship between the encrypted data, the specific computer, and the virtual server user. After device activation, the
virtual server user displays in the Management Console as SERVER-USER@<fully qualified server name>. For more
information about activation, see Activation on a Server Operating System.
NOTE:
If you rename the server after activation, its display name does not change in the Management Console. However, if
Encryption of server operating systems activates again after the server name is changed, the new server name will then
display in the Management Console.
An Activation dialog displays once after each restart to prompt the user to activate Encryption on a server operating system. To
complete activation, follow these steps:
1. Log on to the server either at the server or through Remote Desktop Connection.
2. Enter the user name of a domain administrator in UPN format and password and click Activate. This is the same Activation
dialog that displays each time an unactivated system is restarted.
54
Install Using the Child Installers