beautypg.com

62 chapter 7 troubleshooting enww – HP Compaq dc5750 Microtower-PC User Manual

Page 68

background image

Short description

Details

Solution

Microsoft EFS does not
fully work in Windows
2000.

An administrator can access encrypted
information on the system without
knowing the correct password. If the
administrator enters an incorrect
password or cancels the password
dialog, the encrypted file will open as if
the administrator had entered the correct
password. This happens regardless of
the security settings used when
encrypting the data. This occurs only in
the first administrator account on
Windows 2000.

The Data Recovery Policy is automatically configured
to designate an administrator as a recovery agent.
When a user key cannot be retrieved (as in the case of
entering the wrong password or canceling the Enter
Password dialog), the file is automatically decrypted
with a recovery key.

This is due to the Microsoft EFS. Please refer to
Microsoft Knowledge Base Technical Article Q257705
at

http://www.microsoft.com

for more information.

The documents cannot be opened by a non-
administrator user

When viewing a
certificate, it shows as
non-trusted.

After setting up HP ProtectTools and
running the User Initialization Wizard, the
user has the ability to view the certificate
issued; however, when viewing the
certificate, it shows as non-trusted. While
the certificate can be installed at this
point by clicking the install button,
installing it does not make it trusted.

Self-signed certificates are not trusted. In a properly
configured enterprise environment, EFS certificates are
issued by online Certification Authorities and are
trusted.

Intermittent encrypt and
decrypt error occurs: The
process cannot access
the file because it is
being used by another
process.

Extremely intermittent error during file
encryption or decryption occurs due to
the file being used by another process,
even though that file or folder is not being
processed by the operating system or
other applications.

To resolve the failure:

1.

Restart the system.

2.

Log off.

3.

Log back in.

Data loss in removable
storage occurs if storage
is removed prior to new
data generation or
transfer.

Removing storage mediums such as a
MultiBay hard drive still shows PSD
availability and does not generate errors
while adding/modifying data to the PSD.
After system restart, the PSD does not
reflect file changes that occurred while
the removable storage was not available.

The issue is only experienced if the user accesses the
PSD, then removes the hard drive before completing
new data generation or transfer. If the user attempts to
access the PSD when the removable hard drive is not
present, an error message is displayed stating that the
device is not ready
.

During uninstall, if user
has not initialized the
Basic User and opens the
Administration tool, the
Disable option is not
available and Uninstaller
will not continue until the
Administration tool is
closed.

The user has the option of uninstalling
either without disabling the TPM or by
first disabling the TPM (through Admin.
tool), then uninstalling. Accessing the
Admin tool requires Basic User Key
initialization. If basic initialization has not
occurred, all options are inaccessible to
the user.

Since the user has explicitly chosen to
open the Admin tool (by clicking Yes in
the dialog box prompting Click Yes to
open Embedded Security
Administration tool
), uninstall waits
until the Admin tool is closed. If user
clicks No in that dialog box, then the
Admin tool does not open at all and
uninstall proceeds.

The Admin tool is used for disabling the TPM chip, but
that option is not available unless the Basic User Key
has already been initialized. If it has not, then select
OK or Cancel in order to continue with the
uninstallation process.

Intermittent system lockup
occurs after creating PSD
on 2 users accounts and
using fast-user-switching
in 128-MB system
configurations.

System may lock up with a black screen
and non-responding keyboard and
mouse instead of showing welcome
(logon) screen when using fast-switching
with minimal RAM.

Root Cause suspicion is a timing issue in low memory
configurations.

Integrated graphics uses UMA architecture taking 8 MB
of memory, leaving only 120 available to user. This 120
MB is shared by both users who are logged in and are
fast-user-switching when error is generated.

Workaround is to reboot system and customer is
encouraged to increase memory configuration (HP

62

Chapter 7 Troubleshooting

ENWW