Unsolved
This post is more than 5 years old
3 Posts
2
15093
Recovery Partition Exclusion - SDE Encryption Rules
Hi Guys,
Would someone tell us how to exclude the recovery partition of the computers in the SDE Encryption Rules ?
All recovery partition has been encrypting and we are having some issues to recovery the Operating System when it is necessary
Please, some help.
Thanks
dell-dale p
156 Posts
1
May 1st, 2017 08:00
Hi Bruno!
in Mid 2015, Microsoft modified the method in which they deliver updates to a "Servicing model" for all operating systems. This introduced an ability for Microsoft to deliver updates and to mount other partitions during those updates to modify their files. When any updates are made to the recovery partition, this mounts the volume (which is typically hidden and un-mountable even by a local administrator). once a volume is mounted Dell Encryption (Dell Data Protection) will attempt to analyze and encrypt the new drive based on volume to ensure it is protected.
I'm working on updating and publishing a KB that will have the solution ID of SLN244078 in the next few business days with this information.
You will need to exclude these folders to ensure the recovery partition and files are not encrypted. Once the recovery partition gets mounted again, these will be automatically decrypted:
-^F#:\Boot\
-^F#:\Recovery\
-^F#:\System Volume Information\
-^F#:\bootmgr
-^F#:\BOOTNXT
-^F#:\BOOTSECT.BAK
Bruno Silva
3 Posts
0
May 4th, 2017 14:00
Hi Dale,
I really appreciate your help and the explanation.
I already excluded these folders in the RMC but it seems that the Recovery Partition still encrypted. I rebooted the laptop several times but It does not work.
Do you know how long does it take to decrypt the partition after applying the exclusions ?
Thank you,
-Bruno
SteveO1683
Moderator
Moderator
•
146 Posts
1
June 1st, 2017 10:00
Hi Bruno!
Sorry for the delayed response. The only time the DDP|E agent would see this partition again would be when Microsoft mounts it during a Windows Update process, so we're basically waiting for that to happen again within the Windows OS.
There is an option to mount the partition and decrypt it offline via our WinPE ISOs. I can provide more info on that process and download links if you'd like.
Best Regards,
Bruno Silva
3 Posts
0
June 5th, 2017 13:00
Hi Stephen,
Thank you for your response
It would be great with you provide me more information on this process.
Best Regards,
Bruno
SteveO1683
Moderator
Moderator
•
146 Posts
1
June 6th, 2017 07:00
Hey Bruno,
The following link will take you to the download page for our recovery tools. Once the download is complete you can extract the contents and burn the ISO file to bootable media. Then you can review this document which has the detailed steps on how to perform an offline decrypt.
If you get stuck at any point please leverage our dedicated support queue via the number in my signature or if you need an international dial in information it can be found at this thread.
Best Regards,
Bruno.marques
2 Posts
0
June 7th, 2017 13:00
Hey Stephen,
I appreciate your support on this case.
I could not reach this link out. It shows an error when I click on it " Page Not Found"
Could you please provide me another link ?
Best regards,
-Bruno Marques
SteveO1683
Moderator
Moderator
•
146 Posts
1
June 7th, 2017 14:00
Hmmm not quite sure what happened but all my links got messed up when it posted. Sorry about that. I edited the post and corrected the links, they are currently working, but I also went ahead and sent you a friend request with the direct links in the messages as well.
Let me know if you still have issues accessing the links.
Bruno.marques
2 Posts
0
June 8th, 2017 06:00
Hey Stephen, Good Morning
I can access those links now.
I really appreciate your help . I will try to do this process to decrypt the recovery partition and if I have any questions or issues I will let you know.
Thank You,
-Bruno