HP ProtectTools Troubleshooting Guide

ManualsBrandsHP ManualsDesktopsHP Compaq dc7600 Small Form Factor PC

1

2

3

4

5

6

7

8

9

Technical Reference Guide www.hp.com 7

HP ProtectTools Troubleshooting Guide

HP ProtectTools Embedded

Security—The PSD

password box is no longer

displayed when the system

becomes active after

Standby status

When a user logs on the

system after creating a PSD,

the TPM asks for the basic

user password. If the user

does not enter the password

and the system goes into

Standby, the password

dialog box is no longer

available when the user

resumes.

This is by design.

The user has to log off and back on to view the

PSD password box again.

HP ProtectTools Embedded

Security—No password

required to change the

Security Platform Policies

Access to Security Platform

Policies (both Machine and

User) does not require a TPM

password for users who have

administrative rights on the

system.

This is by design.

Any administrator can modify the Security

Platform Policies with or without TPM user

initialization.

HP ProtectTools Embedded

Security—Microsoft EFS

does not fully work in

Windows 2000

An administrator can access

encrypted information on the

system without knowing the

correct password. If the

administrator enters an

incorrect password or cancels

the password dialog, the

encrypted file will open as if

the administrator had entered

the correct password. This

happens regardless of the

security settings used when

encrypting the data.

The Data Recovery Policy is automatically

configured to designate an administrator as a

recovery agent. When a user key cannot be

retrieved (as in the case of entering the wrong

password or canceling the Enter Password

dialog), the file is automatically decrypted with

a recovery key.

This is due to the Microsoft EFS. Please refer to

Microsoft Knowledge Base Technical Article

Q257705 for more information.

The documents cannot be opened by a

non-administrator user.

HP ProtectTools Embedded

Security—When viewing a

certificate, it shows as

non-trusted.

After setting up HP

ProtectTools and running the

User Initialization Wizard,

the user has the ability to

view the certificate issued;

however, when viewing the

certificate, it shows as

non-trusted. While the

certificate can be installed at

this point by clicking the

install button, installing it

does not make it trusted.

Self-signed certificates are not trusted. In a

properly configured enterprise environment, EFS

certificates are issued by online Certification

Authorities and are trusted.

Software

Impacted-Short

description

Details Solution / Workaround