Failing to encrypt - User not enrolled

Hi SgtTomK!

We have two items that we need for activation to occur in the Dell Encryption application. Currently this is based on a device entity being created and a user entity being able to be bound to. The default behaviour is to take any user, and attempt to validate them against the domains that are configured within the Dell Remote Management Console (WebUI). If the UPN that is provided does not exist, has a duplicate entry within our database (this can happen if there was an AD domain migration, or if we potentially had a conflict with multiple domains within the Dell WebUI), or if we cannot resolve the UPN to any of the defined aliases for a domain, activation will fail.

Our CMGShield.log that is within C:\ProgramData\Dell\Dell Data Protection\Encryption will have log lines that give a hex-decimal encoded windows error correlating with the failure for that user. You can search for the user name that is failing to activate within the log, or you can search for CSS:

if CSS (Credant Security Service) is set to "NO" This means that the user that has logged in has not been validated, and keys are not unlocked.

If we see an error for the user, this can be tracked back on the Dell Security Management Server (formerly Dell Data Protection | Encryption - Enterprise Server). These logs will be replicated within the Compatibility Server's logs folder within the output.log file. The error code received on the client can be searched for within this output.log to find more information about the reason of the failure.

If this does not shed any light on the reason for the failures, we may need to collect logs and analyze. I would highly suggest engaging our support teams via one of the methods here:

Chat: www.dell.com/.../en

Phone: www.dell.com/.../en

-Dale