ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Bug Report: Offline Help Desk does not locate recovery key

book

Article ID: 172168

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

In Endpoint Encryption version 11.2.0, if a client machine has not yet checked in with the Management Server (SEEMS), the Offline (Advanced) Help Desk Recovery program will not provide a recovery key as expected. After supplying the Computer name, Sequence Number, and Challenge Key from they client, the Help Desk Program will  show an error message that the computer could not be found.

In the Help Desk Web Console: 
"Computer not Found"

In the MMC Help Desk Program:
"Computer [computername] not found on domain [domainname]"

Cause

The Help Desk Console is checking the database for the machine so that it can apply the Role Based Access Control (new feature added in 11.2.0) rules to it. Since the machine has never checked in, it does not yet exist. When using Offline Recovery, the software should not be checking the database for the machine. This should only happen for Online Recovery scenarios where the machine has checked in with the SEEMS.

Resolution

Symantec Corporation is committed to product quality and satisfied customers.  This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.  Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.

 

Workaround:

The following is a known workaround for the issue until the permanent fix is released:

When providing the information for the Offline Help Desk Recovery, provide a Computer name of a machine that is known to have checked in with the SEEMS, then provide the Sequence Number and Challenge Key that is provided by the machine you are trying to gain access to. This will allow the correct recovery key to be generated for the client machine.