ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint Encryption is unable to encrypt HP EliteDesk 800 G3 desktops in UEFI mode

book

Article ID: 173068

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

Endpoint Encryption 11.x client installs on HP EliteDesk 800 G3 desktops with Windows 10 running in UEFI mode.

Encryption should start automatically, but unable to do so after a reboot.

Cause

On UEFI systems, a system partition exists named EFI, which is set to 100MB. Endpoint Encryption stores pre-boot information in EFI. The default HP Windows image includes an "HP" folder that consumes a majority of this space, which prevents Endpoint Encryption from writing the required files for encryption to work.

Environment

  • HP EliteDesk 800 G3 desktop
  • Endpoint Encryption 11.1.x or 11.2.x client
  • Windows 10 (seen on 1803, although could apply to other versions) with UEFI mode enabled

Resolution

The EFI\HP folder can be deleted, which will allow enough space for Endpoint Encryption to write the necessary files. Alternatively, reinstalling Windows and deleting the partitions can also free up space. Be advised that doing either of these will remove the ability to use HP's recovery tools.

Advanced users can also manually alter the partition schema and expand the EFI partition from 100MB to 200MB, however, this should be addressed with HP for assistance.