Users with Dell Encryption Enterprise Shield \ Dell Data Protection Enterprise Edition Shield may lose access to files after password change

Users with Dell Encryption Enterprise Shield \ Dell Data Protection Enterprise Edition Shield may lose access to files after password change


This article provides information regarding users may lose access to files after password updates with Web based password change tools.


Affected Products:

Dell Encryption Enterprise Shield
Dell Data Protection | Enterprise Edition Shield


How to Determine the Cause:

When accessing log files located in \ProgramData\Dell\Dell Data Protection\Encryption\CMGShield.log(s) you may find the following error:

[06.30.15 09:28:45:426 ExternalAuth: 463 E] [SUPPORT] Authentication - Could not unprotect data [MS error = 0x8009000b]

This error is stating that the User’s password used to seal encryption keys and policy information on the local system did not properly sync with active directory.

This is commonly caused by 3rd party password management software that can update active directory passwords outside of the local computer.

When this password update happens outside of the OS, Dell Encryption Enterprise Shield (formerly Dell Data Protection | Enterprise Edition Shield) may not be able to properly sync the password once it is changed.



With version 8.5.2 and newer, Dell Encryption Enterprise Shield clients have introduced a registry key that allows for detection of this issue and automatic remediation without a reboot.

To Enable Automatic Re-activation, set this key to:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CMGShield]
"AutoReactivation"=dword:00000001

When this triggers, a line in the logs of the client will be generated:

Event Engine - Flagging user XXXXXXX@domain.org for automatic reactivation

A new registry key to record how many times this will have ran has also been generated.

Administrators can monitor how many re-activations have happened per system with this new key.

This will be automatically generated by the shield when a re-activation happens:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CMGShield]
"AutoReactivationCount"=dword:00000000sts


WSDeactivate is leveraged to fix this situation. Follow the link below for instructions:

How to run WSDeactivate on Dell Data Protection | Enterprise Shield for Windows


For support, US-based customers may contact Dell Data Security ProSupport at 877.459.7304, Option 1, Ext. 4310039, or via the Chat Portal. To contact support outside the US, reference ProSupport’s International Contact Numbers. For additional insights and resources, visit the Dell Security Community Forum.


Identifikátor článku: SLN298102

Dátum poslednej zmeny: 07/11/2018 01:50 PM


Ohodnotiť tento článok

Presné
Užitočné
Jednoducho pochopiteľné
Bol pre vás tento článok užitočný?
Áno Nie
Pošlite nám pripomienky.
Poznámky nemôžu obsahovať nasledujúce špeciálne znaky: <>()\
Ľutujeme, náš systém odosielania pripomienok je momentálne nefunkčný. Skúste znova neskôr.

Ďakujeme vám za pripomienky.