Issue
- You want to use ESET Endpoint Encryption (EEE) in a system image for deployment
- Resolve duplicated workstation IDs
- Resolve duplicated encryption keys in Full Disk Encryption
Solution
Resolve duplicated Workstation IDs
When you activate a managed client, EEE creates a unique workstation ID to enable the EEE Server management console to communicate with the Workstation. If you create a system image with an activated EEE client, the EEE Server will attempt to communicate with more workstations with the same ID. This will cause multiple issues as commands can only be retrieved by one instance.
Check your workstation IDs and apply the following changes to your system image:
-
Navigate to
C:\windows\system32\drivers\
and deleteDLSDBLK0.sys
.
-
Remove the activation registry keys from all user profiles that are activated in the image.
-
Navigate to
C:\Users\USER\AppData\Local\DESkey\DESlock+\
and remove all user'stokenstore.dat
files -
Reboot the workstation.
Resolve duplicated encryption keys in Full Disk Encryption
When you deploy a system image with EEE installed and the workstation policy Automatically start encryption after installation is enabled, the Full Disk Encryption key will be identical each time you deploy the system image.
If you use an image distribution software package such as Microsoft Deployment Tools (MDT), EEE can be applied without installation or activation. MDT will allow EEE to be installed using MSIExec for each deployment.