Users Guide
● Added 08/2015 - If Microsoft TPM Base Services is improperly installed, the following functionality is affected: HCA
provisioning, fingerprint enrollment in the DDP Console/Security Console, and BitLocker Manager operation. For more
information and to work around this issue, refer to this KB article: http://www.dell.com/support/article/us/en/19/
SLN296706. [CSF-454]
Preboot Authentication
● Upgrade from v8.1 or v8.2 to v8.6 on a computer with a SED installed and PBA activated fails. [CSF-449, CSF-461]
● Upgrade on a computer with a LiteOn M3 series SSD installed and PBA activated fails due to the small disk size. To work
around this issue, before upgrading, deprovision the PBA. After upgrade, the PBA can be reactivated. [CSF-528]
● With PBA activated on Dell Latitude E7450, navigation of the Advanced Boot Options menu is not possible because the
native keyboard is not available. To work around this issue, deactivate the PBA, access the Advanced Boot Options menu,
and keyboard navigation is available. [DDPLP-286]
● When running Windows 10 on a computer with smart card authentication through PBA activated, after resuming from hybrid
sleep, single sign-on fails. [DDPLP-308]
● To protect communications against the OpenSSL CVE-2014-3566 vulnerability, Dell Enterprise Server v8.5.1 and DDP
Enterprise Server - Virtual Edition v9.0 and later are set to communicate using TLS, by default. However, Dell Data
Protection | Encryption SED and HCA v8.6 clients communicate with Enterprise Server using SSL. This means that when
running Enterprise Server v8.5.1 and later, Dell Data Protection | Encryption SED or HCA v8.6 clients with Preboot
Authentication activated will fail to communicate with Enterprise Server. To work around this issue, refer to knowledge base
article SLN296006 at http://www.dell.com/support/article/us/en/19/SLN296006. This workaround must be implemented
as soon as possible, in order to prevent PBA client communication issues with Enterprise Server v8.5.1 or Virtual Edition v9.0
and later. [DDPUP-733, DDPMTR-1331]
● On Dell Latitude E7250, E7350, E7450, and Venue Pro 11 (Model 7139), recovery fails with Dell Opal SED Recovery Utility
one-time unlock of the drive. To work around this issue, use the recovery key to unlock a drive on one of these models.
[DDPUP-763]
Enterprise Edition for SED
● Amended 08/2015 - When using the child installer, the installer will effect a reboot only if necessary. To force a restart after
installation, add /forcerestart to the installation command. [CSF-246]
BitLocker Manager
● Amended 08/2015 - When using the child installer, the installer will effect a reboot only if necessary. To force a restart after
installation, add /forcerestart to the installation command. [CSF-246]
● Added 08/2015 - If Microsoft TPM Base Services is improperly installed, the following functionality is affected: HCA
provisioning, fingerprint enrollment in the DDP Console/Security Console, and BitLocker Manager operation. For more
information and to work around this issue, refer to this KB article: http://www.dell.com/support/article/us/en/19/
SLN296706. [CSF-454]
Technical Advisories v8.5.1
No Technical Advisories were introduced in v8.5.1.
Technical Advisories v8.4.1
Encryption Client
● The Shield does not detect password changes for non-domain accounts when the password is reset from another account.
As a result, when the non-domain user attempts to logon again, the logon fails because the Shield did not synchronize the
password change. [DDPC-490]
Advanced Authentication
● Fingerprint enrollment does not prevent the user from using fingerprints from different fingers when enrolling a single finger.
[MMW-212, MMW-724]
Preboot Authentication
● Single Sign-on intermittently fails on computers with self-encrypting drives on which Preboot Authentication is activated.
[DDPLP-144]
● When replacing a provisioned self-encrypting drive (with the Preboot Authentication environment active) with a new self-
encrypting drive and provisioning the Preboot Authentication environment, after the new SED is provisioned, the old SED
can no longer be recovered. [DDPLP-150, MMW-581]
68
Technical Advisories