Users Guide
● Attempting to upgrade Enterprise Edition to Encryption with Deferred Activation results in disabling of deferred activation
after reboot and display of the Encryption client entry in Control Panel Programs and Features. [DDPMTR-808]
● With Encryption with Deferred Activation, to use Kerberos to silently decrypt and uninstall, the computer must be connected
to the domain, and the user must have the following administrator privileges: domain administrator, local administrator, DDP
Forensic Administrator, and administrator on the DDP Key Server. Furthermore, a local administrator who is logged on to the
computer must decrypt all encrypted files on the computer before uninstallation, rather than having the option to uninstall
without first decrypting files. [DDPMTR-868]
● During SDE encryption, a popup notification displays to prompt the user to cancel encryption when an application is waiting
for encryption of a file to complete. If this occurs rapidly during a short length of time, multiple notifications may
simultaneously display. [DDPMTR-943]
● When Encryption with Deferred Activation is installed but not activated, the user cannot uninstall and reinstall a different
DDP edition. Because activation did not occur, retrieval of encryption keys and decryption are not possible. A different DDP
edition cannot overwrite the deferred activation Encryption client. [DDPMTR-944]
● Due to Microsoft's change in the way Windows handles stopping a critical service, stopping a DDP service such as
CMGShield service, EMS service, or the Dell Data Protection | Encryption process in Task Manager will result in the
computer experiencing a blue screen. [DDPMTR-945]
● In Windows 10, when using EMS Explorer to open a 5GB file on encrypted removable media an error displays, "The... file is
too large for notepad," and the file does not open. [DDPMTR-990]
● When opening a file on encrypted removable media through EMS Explorer on a non-Shielded computer, if the removable
media is removed without being ejected, the file remains in the computer's Ems Explorer Temporary Files folder in clear text
after the file is closed. Properly ejecting the removable media properly removes these clear-text files. [DDPMTR-1157]
● After recovery of a computer running Windows 10 with HCA policy enabled, if HCA policy is then disabled the computer
experiences a blue screen rather than decrypting as expected. [DDPMTR-1303]
Advanced Authentication
● When a user begins credential enrollment but quits without saving before enrollment is complete, the credentials are enrolled
rather than discarded. To work around this issue, if policy allows the user to modify their own credentials, the user can open
the DDP Console, select the Enrollments tile, select and delete the credentials. Otherwise, an administrator must remove
them. [CSF-146]
● Password Manager does not support the Windows 10 web browser, Microsoft Edge. [CSF-281]
● When running on Windows 10, the DDP Console About window displays incorrect BIOS information and an incorrect serial
number for the computer's motherboard. [CSF-291, CSF-301]
● When a contactless smart card is moved across the card reader, a popup notification prompts the user to enroll the smart
card. If the card is moved multiple times in a short length of time, multiple popup notifications may simultaneously display.
[CSF-293]
● Amended 08/2015 - When using the child installer, no reboot automatically occurs, but a restart is necessary. The user must
manually restart the computer or, to force a restart after installation, add /forcerestart to the installation command.
[CSF-336]
● On Windows 10, if the Validity Fingerprint Sensor driver is out-of-date, when PBA is activated, the computer experiences a
blue screen. To work around this issue, ensure that PBA is not enabled by policy, then follow these steps:
1. Install Dell Data Protection then reboot.
2. In Windows Control Panel, navigate to Device Manager.
3. Under Biometric Devices, disable the Validity Fingerprint Sensor.
4. Activate the PBA.
5. After reboot, the Validity Fingerprint Sensor can be re-enabled, and the fingerprint reader functions as expected.
To download the latest Validity Fingerprint Sensor driver, go to http://www.dell.com/support/home/us/en/19/Products/?
app=drivers and select your computer model to check and download the latest driver.
[CSF-349]
● Added 08/2015 - If Microsoft TPM Base Services is improperly installed, the following functionality is affected: HCA
provisioning, fingerprint enrollment in the DDP Console/Security Console, and BitLocker Manager operation. For more
information and to work around this issue, refer to this KB article: http://www.dell.com/support/article/us/en/19/
SLN296706. [CSF-454]
Preboot Authentication
● Upgrade from v8.1 or v8.2 to v8.6 on a computer with a SED installed and PBA activated fails. [CSF-449, CSF-461]
64
Technical Advisories