Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tuyen_Van_Huy
Participant

Checkpoint Endpoint - Preboot

Dear team,

After installing checkpoint endpoint, I rename my computer, and join domain. But it doesn't update on the pre-boot screen. Please help me to fix it.

Thank you!

Capture.PNG

0 Kudos
6 Replies
G_W_Albrecht
Legend
Legend

I would involve TAC here !

CCSE CCTE CCSM SMB Specialist
J_B
Collaborator

Is it just a problem on this one machine, or more than one?

I'd check a few basic things to begin with....

Is your Organization Scanner running within SmartEndpoint and can you see your machine under Users and Computers? 

Do you have specific FDE policies setup on the OU that your machine resides in, or is it picking up the Default policy?

Does the machine get all the latest policies when you do an update now on the client machine?

 

Tuyen_Van_Huy
Participant

Dear guy,
- Is your Organization Scanner running within SmartEndpoint and can you see your machine under Users and Computers? -> Yes.
- Do you have specific FDE policies setup on the OU that your machine resides in, or is it picking up the Default policy? -> I try to test by changing some policies.
- Does the machine get all the latest policies when you do an update now on the client machine? -> Yes.
0 Kudos
J_B
Collaborator

Normally I would add the computer to the domain first and then install checkpoint after that.

Sometimes when we see strange things happening with clients, such as not being able to download updated policies etc, we rerun the checkpoint installer on the machine and that sorts it, you could try that.

Tuyen_Van_Huy
Participant

It's very hard to operate :(. Please help me to give some experiences about FDE and Media & Port encryption
0 Kudos
mdjmcnally
Advisor

Well the way that rolls out here where i work is via SCCM

 

Machine boots and is picked up that re-images

Connects with the SCCM and starts to clean install Windows Image as part of which joins the domain

Then it installs the Deployment Agent so already domain joined when deployed the agent.

 

After imaging the the DA communicates with the Endpoint Server and pulls down appropriate blades and policies using the deployment policies.

Other places I knew included the FDE Blade in the SCCM installation package

 

You really need to have the FDE policy in place before putting the Blades on machines, things like password sync if synching your pre-boot and windows login etc.

Not everyone does this as they specifically require seperate logins 

 

I believe that this also makes a difference in terms of machine id and the recovery file that should be used to decrypt the box if neccessary.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events