Advertisement
Quick Links
HP ProtectTools Troubleshooting
Guide
HP Compaq Business Desktops
Document Part Number: 413742-001
January 2006
This document contains information and recommendations for the
ProtectTools administrator concerning questions that may arise in the
administration and operation of HP ProtectTools.
Advertisement
Related Manuals for HP 413742-001
Summary of Contents for HP 413742-001
- Page 1 HP ProtectTools Troubleshooting Guide HP Compaq Business Desktops Document Part Number: 413742-001 January 2006 This document contains information and recommendations for the ProtectTools administrator concerning questions that may arise in the administration and operation of HP ProtectTools.
- Page 2 Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the U.S. and other countries. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
- Page 3 HP ProtectTools Troubleshooting Guide Overview HP ProtectTools Security is a new technology offered by HP on some Business PCs. This technology offers enhanced security support for file/folder encryption, user identity and protection, Single Sign On, multi-factor authentication, smart card, smart card preboot, token and biometric support and works natively with the operating system to enhance security aware applications, such as secure e-mail.
- Page 4 BIOS Configuration for ProtectTools: This configuration provides access to the Computer Setup Utility security and configuration settings. This allows users to access system security features managed by Computer Setup through Windows. Please consult the HP ProtectTools Security Manager Guide that shipped with the computer or http://www.hp.com access this online at support materials.
- Page 5 A transparent file encryption service provided by Microsoft for Windows 2000 or later Defines an interface used by the HP ProtectTools Embedded Security device to connect with the platform chipset. The bus consists of 4 bits of Address/Data pins, along with a 33Mhz clock and several control/status pins.
- Page 6 This is as designed. Microsoft EFS is supported only on NTFS and will not function on FAT32. This is a feature of Microsoft's EFS and is not related to HP ProtectTools software. www.hp.com Technical Reference Guide...
- Page 7 'best practices' security approach and instruct users never to encrypt or delete the recovery archive files. To reduce the time required to scan HP ProtectTools Embedded Security EFS files, the user can either enter the encryption password before scanning or decrypt before scanning.
- Page 8 F10 Setup utility. This is as designed. The Computer Setup (F10) Utility password can only be removed by a user who knows the password. However, HP strongly recommends having the Computer Setup (F10) Utility password protected at all times. www.hp.com...
- Page 9 This happens regardless of the security settings used when encrypting the data. HP ProtectTools Embedded After setting up HP Security—When viewing a ProtectTools and running the certificate, it shows as User Initialization Wizard, non-trusted.
- Page 10 HP ProtectTools Troubleshooting Guide Software Impacted-Short description HP ProtectTools Embedded Extremely intermittent error Security—Intermittent during file encryption or encrypt and decrypt error decryption occurs due to the occurs: The process file being used by another cannot access the file process, even though that file...
- Page 11 This is by design—to avoid issues with Microsoft EFS, a 30-second timer watchdog timer was created to generate the error message). HP is aware of translation issues and will be translating in future Web release. The ability to encrypt does not require password authentication, since this is a feature of the Microsoft EFS encryption.
- Page 12 Windows services time out after attempting connection to the damaged TPM. The Security Manager recovers and the user can run the self test and confirm damaged module. HP is working to resolve the xml-file-overwrite issue and will provide a solution in a future SoftPaq. www.hp.com...
- Page 13 Technical Reference Guide Details Solution / Workaround 1. Reinstall HP ProtectTools Embedded Security Software 2. Run the Platform and User configuration wizard. 3. Ensure that the system contains Microsoft .NET framework 1.1 installation: •...
- Page 14 HP ProtectTools Troubleshooting Guide Software Impacted-Short description HP ProtectTools Credential Using TPM authentication, the Manager—Using user is only logged into the Credential Manager local machine. Network Accounts option, a user can select which domain account to log into. When TPM authentication is used, this option is not available.
- Page 15 Call 3rd level support for HP direct assistance. Press the power button for 3 seconds to force the system to reboot. HP is working on a resolution. The resolution will be made available in future Credential Manager product development. www.hp.com...
- Page 16 Security Manager window) and all plug-ins listed in left column. To avoid failure, allow a reasonable time for these plug-ins to load. No corrective action is planned by HP for the Security Manager product. The system administrator can resolve this by deleting the guest-user-created PSD.
- Page 17 This behavior is as designed, as the Security Manager requires the TPM hardware. Customers wishing to avoid this behavior should re-enable their TPM or remove the HP Embedded Security software through Add/remove programs. www.hp.com HP ProtectTools Troubleshooting Guide...
- Page 18 Embedded Security produces this error if it is used before the computer is rebooted. HP is working on an enhancement to be made available in future product versions. Unhide the TPM in BIOS: Open the Computer Setup (F10) Utility, navigate to Security >...
- Page 19 Software Impacted-Short description HP ProtectTools Embedded If the user uninstalls HP Security—Numerous ProtectTools Embedded end-task errors during Security and waits a few reboot after uninstalling minutes after the uninstall completes, when the user selects Yes to reboot, numerous end-task errors...
- Page 20 AUTHORITY\SYSTEM to (computer name)\(admin name). This is the default setting if the Scheduled Task is created manually. HP is working to provide future product releases with default settings that include computer name\admin name. HP will address this issue in future releases.
- Page 21 The browse option was removed from current product offerings because it allowed non-users to delete and rename files and take control of Windows. HP is researching a workaround for future product enhancements. HP is researching workaround for future product enhancements.
- Page 22 PC, Credential Manager can only change the password used to log in. HP is researching a workaround for future product enhancements. HP is researching a workaround for future product enhancements.
- Page 23 BIOS Security Mode, at the top of the Smart Card Security > BIOS page must be enabled. If not enabled, the PIN at boot time will not have any functionality. HP is researching a resolution for next product offering. www.hp.com HP ProtectTools Troubleshooting Guide...
- Page 24 Multi-byte characters stored on smart card are not correctly displayed. At this point, there is no real solution for this. HP is working to add information in product help files to further clarify this limitation in future product offerings.
- Page 25 TPM. 2. Uninstall the Credential Manager. 3. Enable and initialize the TPM. 4. Install the Credential Manager. 5. Restore the user identity. HP is investigating resolution options for future customer software releases. www.hp.com HP ProtectTools Troubleshooting Guide Microsoft knowledge base...
- Page 26 Credential Manager backup files. This functionality was not originally designed into the product. This is being implemented in future product revisions being designed by HP. This is currently by design. When uninstalling Credential Manager without keeping identities, the system (server) part of the...