Passer au contenu principal
  • Passer des commandes rapidement et facilement
  • Afficher les commandes et suivre l’état de votre expédition
  • Profitez de récompenses et de remises réservées aux membres
  • Créez et accédez à une liste de vos produits
  • Gérer vos sites, vos produits et vos contacts au niveau des produits Dell EMC à l’aide de la rubrique Gestion des informations de l’entreprise.

Endpoint Security Suite Pro Advanced Installation Guide v1.8

PDF

SED Client Troubleshooting

Use the Initial Access Code Policy

  • This policy is used to log on to a computer when network access is unavailable. Meaning, access to the Security Management Server/ Security Management Server Virtual and AD are both unavailable. Only use the Initial Access Code policy if absolutely necessary. Dell does not recommend this method to log in. Using the Initial Access Code policy does not provide the same level of security as the usual method of logging in using username, domain, and password.

    In addition to being a less secure method of logging in, if an end user is activated using the Initial Access Code, then there is no record on the Security Management Server/ Security Management Server Virtual of that user activating on this computer. In turn, there is no way to generate a Response Code from the Security Management Server/ Security Management Server Virtual for the end user if they fail password and self help questions.

  • The Initial Access Code can only be used one time, immediately after activation. After an end user has logged in, the Initial Access Code will not be available again. The first domain login that occurs after the Initial Access Code is entered will be cached, and the Initial Access Code entry field will not be displayed again.
  • The Initial Access Code will only display under the following circumstances:

    • A user has never activated inside the PBA.
    • The client has no connectivity to the network or Security Management Server/ Security Management Server Virtual.

Use Initial Access Code

  1. Set a value for the Initial Access Code policy in the Remote Management Console.
  2. Save and commit the policy.
  3. Start the local computer.
  4. Enter the Initial Access Code when the Access Code screen displays.
  5. Click the blue arrow.
  6. Click OK when the Legal Notice screen displays.
  7. Log in to Windows with the user credentials for this computer. These credentials must be part of the domain.
  8. After logging in, open the Data Security Console and verify that the PBA user was successfully created.

    Click Log in the top menu and look for the message Created PBA user for <domain\username>, which indicates the process was successful.

  9. Shut down and restart the computer.
  10. At the login screen, enter the username, domain, and password that was previously used to log in to Windows.

    You must match the username format that was used when creating the PBA user. Thus, if you used the format domain/username, you must enter domain/username for the Username.

  11. (Credant Manager only) Respond to the Question and Answer prompts.

    Click the blue arrow.

  12. Click Login when the Legal Notice screen displays.

    Windows now launches and the computer can be used as usual.

Create a PBA Log File for Troubleshooting

  • There may be cases when a PBA log file is needed for troubleshooting PBA issues, such as:

    • You are unable to see the network connection icon, yet you know there is network connectivity. The log file contains DHCP information to resolve the issue.
    • You are unable to see the Security Management Server/ Security Management Server Virtual connection icon. The log file contains information to help diagnose Security Management Server/ Security Management Server Virtual connectivity issues.
    • Authentication fails even when entering correct credentials. The log file used with the Security Management Server/ Security Management Server Virtual Server logs can help diagnose the issue.

Capture Logs When Booting Into the PBA (Legacy PBA)

  1. Create a folder on a USB drive and name it \CredantSED , at the root level of the USB drive.
  2. Create a file named actions.txt and place it in the \CredantSED folder.
  3. In actions.txt, add the line:

    get logs
  4. Save and close the file.

    Do not insert the USB drive when the computer is powered down. If the USB drive is already inserted during the shutdown state, remove the USB drive.

  5. Power on the computer and log in to the PBA. Insert the USB drive into the computer that the logs are to be collected from during this step.
  6. After inserting the USB drive, wait for 5-10 seconds, then remove the drive.

    A credpbaenv.tgz file is created in the \CredantSED folder that contains the needed log files.

Capture Logs When Booting Into the PBA (UEFI PBA)

  1. Create a file called PBAErr.log at the root level of the USB drive.
  2. Insert the USB drive before powering on the computer.
  3. Remove the USB drive after reproducing the issue requiring the logs.

The PBAErr.log file will be updated and written in real-time.


Évaluez ce contenu

Précis
Utile
Facile à comprendre
Avez-vous trouvé cet article utile ?
0/3000 characters
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez indiquer si l’article a été utile ou non.
  Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\