In case of forgotten password scenarios, end users can use a helpdesk-assisted challenge and response mechanism to reset encrypted removable media and recover data from optical media. The recovery process can be used in both onsite and offsite scenarios (even on endpoints without the software installed). This feature is enabled by default.
- Helpdesk recovery for Removable Media devices is the only recovery option available for FRP OS X clients.
- Helpdesk recovery for Optical Media devices was introduced with FRP 5.0.1, and is only available for Windows platforms.
When end users forget their authentication credentials, they can initiate recovery in either of these ways:
- Click Forgot Password on the Authentication window.
- Click Recover media under the Removable Media section on the FRP client console (Windows clients only).
A challenge code (with the phonetics) is displayed to the client user along with a recovery message that is customizable by the administrator. The user can now contact the helpdesk with the challenge code.
As a McAfee ePO user, your FRP Recovery permission set must be set to Manage Recovery to be able to generate a response code for end users.
Task
- Log on to the ePolicy Orchestrator server as an administrator.
- Click
- Select the Removable Media Recovery or Optical Media Recovery tab.
- In the Challenge Code field, type the code provided by the user. After 12 characters have been entered, the system automatically starts matching and filtering against the known entries to quicken the recovery process. With Removable Media Recovery, it is also possible to speed up the lookup by selecting vendor and product filters.
  Note: For the recovery information to be available on McAfee ePO, events generated at the time of initialization of the removable media/optical media device on the FRP client need to have been sent and processed by McAfee ePO. This automatically occurs at the next client ASCI.
  Once the challenge code has been matched against the available database, details such as user name (user who initialized the device), device size, and last access time are displayed so that you can verify the caller's identity.
- Click Recover to generate a response code. Read out the response code to the user. Depending on the type of media and the applied policy, the user may be asked to reset the authentication credentials after entering the response code. For Removable Media Recovery, users will be asked to reset their authentication credentials to complete the recovery process. For Optical Media Recovery, the media will be unlocked to enable data recovery.
- A McAfee ePO audit log is generated with details of the McAfee ePO user or administrator who generated the response code, along with the client user for whom the code was generated. An event is also generated for Recovery/Credential Change when the operation is performed on an FRP client.
Note: The event for Recovery/Credential Change on the client was introduced in FRP 5.0.1, and is generated only for FRP Windows clients.