Dell Data Protection External Media Edition Impersonation Failure in Log Files

Affected Products:

• Dell Data Protection | External Media Edition

Enabling the following GPO may have an impact with the functionality of Dell Encryption regarding protecting removable media:

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\"Devices: Restrict CD-ROM access to locally logged-on user only.

The following policies may be affected when this GPO is enabled:

• All Removable Storage classes Deny all access enabled = External Media Shield does not prompt to encrypt the device, the device does not appear within the Dell Encryption console.
• Removable Disk: Deny read = External Media Shield does not prompt to encrypt the device, the Dell Encryption console displays the drive as Not encrypted, not authenticated, blocked access.
• Removable Disk: Deny write = External Media Shield will prompt to encrypt the drive, though no progress dialog will present after entering password. Since the _Encrypted_Data_Do_Not_Delete_ folder is still created if you reinsert the drive, you are prompted to recover. If a recover is attempted, it fails.
• Removable Disk: Deny executing = No impact to functionality
• CD and DVD: Deny read = External Media Shield does not prompt to encrypt the device, the Dell Encryption console displays the drive as Not encrypted, not authenticated, blocked access.
• CD and DVD: Deny write = External Media Shield will prompt to encrypt the drive, though no progress dialog will present after entering password. Since the _Encrypted_Data_Do_Not_Delete_ folder is still created, when you reinsert the drive you are prompted to recover. If a recover is attempted, it fails.
• CD and DVD: Deny executing = No impact to functionality.

Dell Data Protection | External Media Edition errors can occur if we cannot impersonate the user due to the EMS Service, separate from the Shield Service, trying to mount a drive before the Shield service has sent over the User information.

Examples of Impersonation Failure in Log Files:

12.01.17 15:25:55.718 [I] The current CMG user [] is ' ', Solicited: Y, RC=0
12.01.17 15:26:04.000 [I] [Volume "C:\"] Examining Volume: [\Device\HarddiskVolume1] [SN:5A9BEC50]
12.01.17 15:26:13.765 [I] [Volume "D:\"] Examining Volume: [] [SN:]
12.01.17 15:26:13.796 [W] [Volume "D:\"] Error 0x00000001 determining drive readiness!
12.01.17 15:26:13.796 [E] [Volume "D:\"] Error 0x00000001 while attaching/detaching volume. [D:\].
12.01.17 15:26:13.843 [E] [Volume "D:\"] Blocking device due to error because user is unmanaged!
12.01.17 15:26:13.843 [I] [Volume "D:\"] Attaching CEF to all files on device for '_DEVICE_'
12.01.17 15:26:15.296 [I] [Volume "G:\"] Examining Volume: [\Device\HarddiskVolume2] [SN:8CB42002]
12.01.17 15:27:09.391 [I] Handling IPCMSG_ID_SVR_CLT_CURRENT_USER_RPY
12.01.17 15:27:09.391 [I] The current CMG user [ali@info.sys] is 'ZXR79YWVZFNH7XG2', Solicited: N, RC=16
12.01.17 15:27:09.391 [I] Impersonation has been activated for current user!!
12.01.17 15:27:09.391 [I] CMG shield user log on detected.

The mount of the drive failed due to that ambiguous state. You may see 'impersonation failed' messages.

To resolve, disable or leave the following GPO as Not Defined.

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\"Devices: Restrict CD-ROM access to locally logged-on user only

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.