User is not presented Pre-boot authentication after installing Symantec Endpoint Encryption 11. The user is not registered appropriately during the auto-registration process after install of the Symantec Endpoint Drive Encryption client.

The SEE Management Agent Client.msi must be installed prior to the SEE Drive Encryption Client.msi in order for the auto-registration process to complete properly

Method 1

If the user registration is not automatically invoked, as a workaround you may follow the below steps to invoke it manually.

1.     Click on the START menu
2.     Type CMD in the RUN box
3.     Browse to the following location within the command prompt:
     C:\Program Files\Symantec\Endpoint Encryption\Drive Encryption

4.     Execute the following command:

            eedAdminCli --register-user -u (Windows ID) -p (Windows Password) --au (client admin id) --ap (client admin passphrase)

 This command will register the user to the device and you will now see Boot Guard when you start the PC.

Method 2

If you used GPO to install the software Endpoint Encryption Management Agent and Disk Encryption, the policy may have been setup incorrectly. Using one policy to install multiple components of the software may cause issues.

Workaround:

Create a separate GPO software installation policy for each Symantec Endpoint Encryption component and install them in the correct order.

a)     SEE Management Agent Client

b)     SEE Drive Encryption Client

Note: You may install the rest of the packages in any order, after you have installed the SEE Management Agent Client and SEE Drive Encryption Client. 

Applies To

This issue can be caused by using GPO to deploy the software packages for Symantec Endpoint Encryption 11