This article details a list of resolved issues in Symantec Endpoint Encryption 11 including all Maintenance Packs (MP).

Symantec Endpoint Encryption 11.1.0 Resolved Issues

Installations and Upgrades

• If the user who upgrades the Symantec Endpoint Encryption Management Server from Symantec Endpoint Encryption 8.2.1 MP15 or greater to Symantec Endpoint Encryption 11.0.1 or greater is not the same user who installed the earlier version, the server upgrade completes successfully. It is not treated as a fresh installation. [3813635, 3813636]
• When you upgrade fully encrypted clients from Symantec Endpoint Encryption 11.0.x to 11.1.0, the re-encrypt command is now blocked. When you upgrade fully encrypted clients from Symantec Encryption Desktop 10.3.2, the re-encrypt command is still allowed. [3856624]
• Hibernation no longer fails after upgrading the operating system from Windows 7 to Windows 10 using the provided Windows 10 in-place upgrade script. [3813697/3813699]
   

Symantec Endpoint Encryption Management Server

• In the Configuration Manager you can now enter a database server name that contains underscores. [3813675, 3813676]
• In the Configuration Manager you can now enter an Active Directory domain name that starts with a number. The domain name can be found in the credentials on the configuration pages for Database, Web Server, and Active Directory. [3787299]
• In the Configuration Manager on the Server Roles Configuration page, you can now assign server roles to server administrator groups, not just to individual administrators. [3729821]
   

Drive Encryption

• When a user authenticates to preboot using Drive Encryption Self-Recovery, the domain name is now required in addition to the user name to correctly identify the associated questions and answers. [3516617]
• After a disk with at least one logical partition is decrypted from the Administrator Command Line, the status now shows that the disk is also uninstrumented. [3831679]
• A blue screen error no longer occurs when client computers that have multiple disks reboot with the auto-encryption policy ‘Encrypt all disks’ enabled. These computers are running Windows 8.1 or greater. [3813694/3813695]
• When the Autologon Precedence policy is set to 'Autologon takes precedence over client monitor lockout,' the client computer is not locked when it fails to communicate with the server within the specified time interval. Preboot is bypassed and Autologon remains in effect. [3813653, 3813654]
• When the system language is other than a supported display language (DE, EN, ES, FR, or JP), the preboot keyboard layout is now correctly displayed. The display is based on the input keyboard language selection. [3704853, 3759280, 3869865]
• Resolved an issue so that WinPE recovery media now works on Dell Latitude E7240 and E7440 laptop computers. [3813658, 3813659]
   

Removable Media Encryption

• When files are sent to a ZIP file on a removable device, and the Removable Media Encryption policy is 'Do not encrypt,' the ZIP file is no longer encrypted. [3869333]
• When files are downloaded to a removable device from the Aspera High-Speed File Transfer Software plug-in, and the Removable Media Encryption policy 'Encrypt new files' is not selected, the transferred files are no longer encrypted. [3842985]
• Resolved an issue on removable devices that are running Windows 10 (on a FAT32 file system) where Removable Media Encryption with the ‘Encrypt files as per Symantec Data Loss Prevention’ policy (DLP 14.5) is installed. When sensitive files are written or copied to the device, they are no longer decrypted automatically after the auto-decrypt time interval. [3813700]
• If a removable device does not have sufficient space for the Removable Media Access Utility, when the device is inserted a warning message is displayed only if the option to copy the Access Utility is selected. [3869342]
• A client administrator must now have 'Decrypt' privileges to uninstall Removable Media Encryption. [3769534]
• A solution exists that enables you to send Removable Media Encryption workgroup keys securely from the Management Server to target computers using GPOs. A Symantec Knowledge Base article describes how to configure an Active Directory forest that correctly establishes the location of Symantec Endpoint Encryption Management Server and Removable Media Encryption endpoints. [3594866] See articles "Configuring Active Directory and LDAPS to use the Removable Media Encryption Workgroup Key feature" DOC9126.
   

General

• A blue screen error no longer occurs when you eject a USB drive from a client computer that has Drive Encryption, Removable Media Encryption, the DLP agent, and Kaspersky Endpoint Security antivirus software installed. [3811350]
   

Symantec Endpoint Encryption 11.0.1 MP1 Resolved Issues

• Resolved an issue with Drive Encryption so that the skipping of unused disk space while encrypting FAT and FAT32 volumes no longer causes data corruption. [3714618]
• Resolved an issue with Drive Encryption so that preboot authentication using token and PIN validation now completes within 10 seconds on the Microsoft Surface Pro series of tablets. [3723564]
• Resolved a compatibility issue with Drive Encryption so that the Windows Pre-installation Environment (WinPE) recovery media no longer fails to initialize mSATA solid-state drives (SSDs) that are connected through 2.5-inch SATA adapters on Dell laptops. [3764176, 3767122, 3767948]
• Resolved an issue so that only the user who originally installed Symantec Endpoint Encryption Management Server can perform an upgrade from version 8.2.1 MP15 or later to version 11.0.1 or later. [3746702]
• Resolved an issue so that Symantec Endpoint Encryption Management Server now permits the use of special characters in the database server name. [3769573]
   

Symantec Endpoint Encryption 11.0.1 Resolved Issues

• Resolved an issue in Symantec Endpoint Encryption Drive Encryption on Microsoft Windows systems so that users can now use smart cards for preboot authentication when you have enabled single sign-on. [3635438]
• Resolved an issue so that when both the Symantec Endpoint Encryption version 8.2.1 Framework and client software is installed on the same computer, you can now successfully upgrade the 8.2.1 Framework to the Management Console 11.0.1. The Symantec Endpoint Encryption client 8.2.1 is now successfully able to communicate to the Symantec Endpoint Encryption Management Server 11.0.1 after the upgrade. [3549554]
• Updated the online Help and the Policy Administrator's Guide to provide information about double-byte Japanese characters on the Legal Notice of the preboot authentication splash screen. Double-byte Japanese characters occupy double the width of Latin characters. As a result, in the Japanese version of the Endpoint Encryption client, the maximum number of characters that the Legal Notice on the splash screen can display is 512 instead of 1024. [3650614]
• Updated the online Help and the Policy Administrator's Guide to provide information about double-byte Japanese characters on the login page of the preboot authentication splash screen. Double-byte Japanese characters occupy double the width of Latin characters. As a result, in the Japanese version of the Endpoint Encryption client, the maximum number of characters that the login page can display is 40 instead of 80. [3650622]
• Updated the online Help and the Policy Administrator's Guide to provide information about longer words in the Legal Notice of the preboot authentication splash screen. The splash screen limits the number of lines it can display to 19 lines of text. The maximum number of characters the Endpoint Encryption client can display on the splash screen is 1024. However, longer words can cause lines to wrap early and meet the limit of 19 lines of text. [3638089]
• Resolved an issue where you were required to manually add the Help Desk snap-in and the Autologon snap-in to the Microsoft Management Console (MMC). The Help Desk and Autologon snap-in MSI installation files now automatically add them to the MMC. [3567449]
• Resolved an issue where a client computer failed to communicate with the Symantec Endpoint Encryption Management Server if you uninstalled the Management Console from that client. [3582578]
• Updated the Symantec Endpoint Encryption Management Server online Help to provide information about users needing administrative rights to access the Reports snap-in. Local users added as server or report administrators now receive a configuration save error message on custom reports. To avoid this error, users require administrative rights before you can add them as a server or report administrator. [3720371]
• Resolved an issue where switching users in classic mode caused an error “SEE Client has detected that another session is running”. [3451867]
• Resolved an issue where the Help Desk console, when installed on a Microsoft Windows 7 Manager computer, would generate an unexpected error after you entered the Management Password. [3682653]
• Updated the Symantec Endpoint Encryption Management Server online Help with information on dual management console functionality. If you need to use a Symantec Endpoint Encryption 8.2.1 Management Console to create 8.2.1 clients, you must first upgrade 8.2.1 to MP14. [3649650]
• Resolved an issue where an upgrade from Symantec Endpoint Encryption 11.0 failed if you renamed the client MSI files. [3656741]

Symantec Endpoint Encryption 11.0.0 MP3 Resolved Issues

• Resolved the issue that caused blue screen errors after Symantec Endpoint Encryption Drive Encryption was installed on Microsoft Windows systems using HP custom images. [3717299]
• Resolved an issue so that Microsoft Windows Explorer does not stop unexpectedly when you access mapped Distributed File System (DFS) shares on the client computers with Symantec Endpoint Encryption Removable Media Encryption 11.0.0 MP3 installed. [3683540]
• Decryption of Removable Media Encryption sensitive files with DLP integration: When Removable Media Encryption uses the Automatic Encryption policy option of EncryptfileasperSymantecDataLossPrevention and an Encryption Format policy option of SEERS, which is compatible with Symantec Endpoint Encryption Removable Storage version 8.2.1, sensitive files are decrypted when the auto-decrypt time interval expires.” [3670852,3669212]
   

Symantec Endpoint Encryption 11.0.0 MP2 Resolved Issues

• Symantec Endpoint Encryption 11.0.0 MP2 was removed from general availability due to an issue discovered after it was released.

Symantec Endpoint Encryption 11.0.0 MP1 Resolved Issues

• Resolved an issue so that the disk encryption status of a Drive Encryption client is updated in the Management Console as soon as disk encryption is initiated. [3567481]
• Drive Encryption client computers now properly display the Last check-in date and time of the latest communication of a client computer with the Symantec Endpoint Encryption Management Server. [3579004]
• Drive Encryption client computers that boot in UEFI-mode now properly display the pause duration time between incorrect password attempts at preboot authentication. [3586535]
• Resolved an issue so that client computers no longer stop communicating with a Symantec Endpoint Encryption Management Server that is installed on a Microsoft Windows Server 2008 R2 system when administrators use the SEEMS Configuration Manager to change the database credentials. [3611136]