Issue
- Prerequisites
- Use ESET Endpoint Encryption Server to disable Pre-Boot Authentication
- Use ESET Endpoint Encryption Server to enable Pre-Boot Authentication
- Use ESET Endpoint Encryption command line tool to enable or disable Pre-Boot Authentication
Details
Click here to expand
Disable Pre-Boot Authentication also known as Maintenance Mode is a feature that enables a Full Disk Encrypted (FDE) Workstation to restart without requiring the user to authenticate in the pre-boot environment. This may be used by system administrators who are working remotely and want to restart Windows but there is no one physically present to type credentials at the pre-boot screen.
- This feature can be useful when performing software updates or configuration changes that require Windows to restart.
- This feature is optional and disabled by default. After the configured period or number of restarts without authentication has been reached, authentication is required again.
Solution
Prerequisites
- ESET Endpoint Encryption v4.9.2 or later
- A Workstation is Encrypted and using EFI Boot Mode
Use ESET Endpoint Encryption Server to disable Pre-Boot Authentication
- Log in to the ESET Endpoint Encryption (EEE) Server.
- Click Workstations, select the applicable Workstation and click Details.
- Click Pre-Boot Authentication.
- Select Disable.
- Select one of the available options and type a value. Click Disable.
- Type your EEE Server login password and click OK.
- In the Workstation Details tab, a Workstation Status will display.
- This will remain enabled on the Workstation until the condition set has been met.
- Log in to the ESET Endpoint Encryption (EEE) Server.
- Click Workstations, select the applicable Workstation and click Details.
- Click Pre-Boot Authentication.
- Select Enable.
- Click Enable.
Use ESET Endpoint Encryption command line tool to enable or disable Pre-Boot Authentication
- Use Maintenance mode to enable or disable Pre-Boot Authentication
