...
If the computer is not booting properly or you cannot get past the pre-boot authentication, you will need to perform an emergency recovery.
Process
- The FSP should first log into the ePO server at https://ssvmepotest:8443. They can log in with a username of tufts\UTLN and their tufts password.Console.
- Once logged in, select menu in the top left, then select System Tree under the Systems Section.
- Select My Organization from the left hand system tree, then change preset to "This Group and All Subgroups"
- In the search box, enter the name of the computer you wish to disable drive encryption on.
- Check the check box next to the computer name, and select Actions->Tag->Apply Tag
- Select Remove_MDE from the tag list and click ok.
- Upon next policy enforcement, the computer will start the decryption process. The McAfee agent will still be installed with disk encryption but encryption will be disabled. To re-enable encryption, simply check the box next to the computer name in the system tree, then click Actions->Tag->Clear Tag-> to remove the Remove_MDE tag.
- To completely remove the McAfee agent, select the check box next to the computer name, and click Actions->Directory Management->Delete->Remove Agent on next Agent-Server Communication.
- The computer object will show back up in the system tree after the next AD sync (it runs every hour)
| Note |
|---|
To enable MDE again, simply check the box next to the computer and select Actions->Tag->Clear Tag to delete the Remove_MDE tag |