Dell Encryption External Media 對話方塊自訂

受影響的產品：

• Dell Data Protection | External Media Edition
• Dell Encryption External Media

自訂 EMS 對話方塊

運作方式

可使用名為 EMSStrings.xml 的 XML 檔案自訂 EMS 對話方塊。檔案必須放置在 C:\Windows\System32，才能套用自訂內容。任何裝置在從具有自訂對話方塊的電腦隨需分配時，都會將 EMSStrings.xml 檔案新增至 _Encryption_Data_Do_Not_Delete_ 檔案，因此自訂內容會隨裝置傳輸。
自訂內容的套用順序如下：

1. 如果受保護的裝置有 EMSStrings.xml 檔案，便會使用該檔案。
2. 如果沒有，則請將檔案置入 C：\Windows\System32 （若存在）。
   • 若為 v8.18 及更新版本，請將檔案置於 C:\Program Files\Dell\Dell Data Protection\Encryption。

何時會更新裝置上的 XML 檔案？

每當裝置通過認證，且擁有者登入時，XML 檔案會根據 C:\Windows\System32 內的檔案更新。

如果 XML 檔案已更新，變更會何時套用？

一旦 C:\Windows\System32 內的檔案經過編輯，會在下次插入裝置時套用新的文字。請記住，如果加密裝置仍有較舊的 XML 檔案，我們仍會使用該檔案，但裝置中的 XML 檔案最終仍會更新。

這是否涉及 EE 伺服器或 VE 伺服器？

否，EE 伺服器或 VE 伺服器不會遞交 XML 檔案。您可以使用組織可用的任何推送技術，將 XML 檔案推送至用戶端電腦。

XML 檔案的格式是什麼？

版本元素

版本元素會定義用戶端版本。版本元素僅用於紀錄。

<version>
<cmgClient>8.x.x</cmgClient>
<customStrings>1.0</customStrings>
</version>

語言設定

語言設定是針對特定語言的對話方塊自訂。

<languageSet languageId="0x00"></languageSet>

languageId 定義 Windows 定義的目標主要語言。在本例中， 0x00 定義 預設 語言集。如果有找到使用者目前的 MUI 語言，我們會使用該語言。如果沒有，我們會使用預設語言 (0x00)。

以下為可用的語言 ID：

對話方塊自訂 XML 元素

對話框 XML 元素用於自訂對話框。以下是基本對話方塊自訂項目的範例：

<dialog id="A-1">
<message>Ask to Shield unprotected media.[EndState: ALL]</message>
</dialog>

id 屬性

每個對話框自定義元素都需要一個 id 屬性，該屬性定義要自定義的對話框。下表的螢幕擷取畫面會定義對話方塊 ID。

endState 屬性

某些對話框支援 endState 屬性。此屬性可用於為特定對話方塊提供不同的自訂內容，如果使用者未繼續此程序，則裝置的最終狀態將有所不同。例如，A-1 對話方塊可以有三個不同的項目，每個最終狀態各有一個：

<dialog id="A-1" endState="blocked">
<message>Ask to Shield unprotected media.[EndState: BLOCKED]</message>
<link url="https:\\www.dell.com">Link to more info about encryption or being blocked...</link>

</dialog>
<dialog id="A-1" endState="readonly">
<message>Ask to Shield unprotected media.[EndState: READ-ONLY]</message>
</dialog>
<dialog id="A-1" endState="fullaccess">
<message>Ask to Shield unprotected media.[EndState: FULL ACCESS]</message>
</dialog>

訊息 子元素

消息元素用於自定義對話框的主要消息。

連接 子元素

連結元素僅支援 A-？對話框，這允許向對話框添加URL連結。其方式如下：

<link url="https:\\www.dell.com">Link to more info about encryption or the end state...</link>

其中 url 屬性會指定連結，而內部文字則指定要顯示的可點按訊息。

iForget（忘記） 子元素

iForget元素僅支援 C-1 和 C-2 對話框，它指定使用者按下“我忘記”按鈕時顯示的消息。

fusWarningChild 元素

fusWarning 元素僅支援 C-1 和 C-2 對話框，如果使用者在多個使用者登錄到工作站時嘗試對設備進行身份驗證，則會顯示該對話方塊。此元素清楚指出存在安全性風險。

cancelWarning 子元素

cancelWarning 元素僅支援 F-1 對話框，它指定使用者取消手動身份驗證時顯示的消息。

對話方塊 ID	螢幕擷取畫面			描述名稱	支援的自訂內容
	已封鎖	唯讀存取	完整存取
A-1				要求保護未受保護的媒體。如果使用者按一下否，裝置會處在「未保護」狀態，且存取權取決於存取未受保護的媒體原則。	endState 訊息
A-2				如果裝置是在 5.3 EMS 之前受到保護，便會顯示此對話方塊，詢問使用者是否要升級 EMS。只有在裝置可以根據新的漫遊規則，透過目前的使用者/機器組合進行升級時，才會顯示此訊息。	endState 訊息
A-3				此對話方塊會在必須修復裝置中的金鑰資料時顯示。這可能是因為手動認證失敗、使用者篡改或裝置損壞而遭到刪除。變更原則導致需要重設金鑰資料時也會觸發此機制。	endState 訊息連結
B-1				當裝置受到保護或還原時，會顯示此對話方塊。	endState 訊息
B-2				使用者輸入的密碼不符合系統管理員所設限制時顯示。	endState 訊息
B-3				當必須再次設置設備密碼時顯示的對話方塊，通常是手動身份驗證的結果。在這種情況下，「 取消 」會讓裝置處於原則導向狀態。	endState 訊息
B-4				當提供的密碼不符合密碼限制時，重新顯示密碼重設對話方塊。	endState 訊息
B-5				新密碼設定為與先前的密碼相同時，重新顯示密碼重設對話方塊。	訊息
C-1				當無法進行自動驗證時，向使用者要求裝置密碼以進行密碼驗證。	endState 訊息 iForgot fusWarning
C-2				如果提供的認證密碼不正確，我們會要求使用者重試輸入密碼。	endState 訊息 iForgot fusWarning
D-1				發生掃掠時會顯示已保護媒體對話方塊，並顯示系統匣圖示。	是
D-2				掃掠關閉時所顯示的已保護媒體對話方塊。	是
E-1				當裝置經過認證後，使用者要求變更現有裝置密碼時顯示。	是
E2				當密碼變更失敗時，重新顯示密碼變更對話方塊，可能是因為目前的密碼不正確。	是
E-3				當新的密碼不符合系統管理密碼限制時，重新顯示密碼變更對話方塊。	是
E-4				當目前密碼不再符合新的原則要求時，顯示密碼變更對話方塊。	是
F-1				在使用者輸入密碼的次數超過原則定義時顯示。	是
F-2				在使用者輸入密碼的次數超過原則定義時顯示。在這種情況下，VolumeInfo.xml 檔案為遺失或損毀。	在自訂方面，這和 F-1 相同。
G-1				在金鑰材料遺失，但機器/使用者組合不允許我們復原裝置時顯示 （告知使用者將裝置插入原始使用者登入 （若漫遊） 的受保護電腦，以還原金鑰資料）。如果不是漫遊，則需要完整的計算機/使用者匹配才能恢復！	是
G-2				在裝置受到 CMG 5.3 前的保護，且因不在原始使用者的原始機器中而無法升級時顯示。	是
G-3				當媒體 (floppies) 太小，EMS 無法保護時顯示。	是
G-4				當裝置沒有足夠的可用空間，導致 EMS 無法保護裝置時顯示。	是
G-5				當裝置的金鑰資料遺失，且因為無法擷取 Shield ID 而無法從中還原時顯示。	是
G-6				當原則不允許在未安裝 Shield 的情況下存取加密媒體時顯示。	是
G-7				當使用者將手持 EMS 裝置插入 Windows 由 EMS 保護的電腦時顯示。	是
G-8				在因為手動認證失敗而導致金鑰資料刪除時顯示。這是由原則控制。	是
G-9				當裝置因手動驗證失敗而進入冷卻時間時顯示。這是由原則控制。	是
G-10				警告使用者，當原則需要時，唯讀裝置無法受到保護。	是
G-11				警告使用者裝置正在其他電腦中進行升級掃掠。	是
G-12				無法修復比安裝 EMS 裝置更新的裝置。	是
G-13				磁碟區以較新的、不受支援的 IFF 格式加密。媒體遭到封鎖。	是
H-1				顯示對話框或對話方塊，表示已接受裝置密碼。	是
H-2				顯示 氣泡 ，表示裝置已在原始 Shielding 電腦中自動通過驗證。	是
I-1				掃掠期間顯示的動畫對話方塊 （EMS 請務必顯示此內容，因為在此步驟完成之前移除裝置會將未加密的資料留在裝置中）。	是
I-2				在加密掃掠時顯示的動畫對話方塊。EMS 必須顯示此資訊，因為若在完成此步驟前移除裝置，將會在裝置中留下未加密的資料。	是
J-1				將 EMS 檔案安裝至新的受保護裝置過程中使用的進度對話方塊。不應退出媒體 。	是
J-2				將受保護裝置中升級 EMS 檔案過程中使用的進度對話方塊。不應退出媒體 。	是
K-1				在自動認證裝置時，「快速使用者切換」相關警告使用的是/否對話方塊。	是

XML 範例

<?xml version="1.0" encoding="utf-8"?>

<emsCustomDialogStrings>

<version>
<cmgClient>8.x.x</cmgClient> 
<customStrings>1.0</customStrings> 
</version> 

<!-- ENGLISH/DEFAULT --> 
 
<languageSet languageId="0x00"> 
 
<dialog id="A-1"> 
<message>Ask to Shield unprotected media.[EndState: ALL]</message> 
<link  url="https:
www.dell.com">Link  to more  info  about  encryption  or  the  end state...</link> 
</dialog> 

<!-- 
<dialog id="A-1" endState="blocked"> 
<message>Ask to Shield unprotected media.[EndState: BLOCKED]</message> 
<link  url="https:
www.dell.com">Link  to more  info  about  encryption  or  being   blocked...</link> 
</dialog>  

<dialog id="A-1" endState="readonly"> 
<message>Ask to Shield unprotected media.[EndState: READ-ONLY]</message> 
</dialog> 

<dialog id="A-1" endState="fullaccess">  
<message>Ask to Shield unprotected media.[EndState: FULL ACCESS]</message> 
</dialog>  

--> 

<dialog id="A-2" endState="blocked"> 
<message>Ask to upgrade pre-EMS device (CMG Shielded) to EMS Shielding.[EndState: BLOCKED]</message> 
<link  url="https:
www.dell.com">Link  to more  info  about  pre­EMS  devices or  being   blocked...</link> 
</dialog> 

<dialog id="A-2" endState="readonly"> 
<message>Ask to upgrade pre-EMS device (CMG Shielded) to EMS Shielding.[EndState: READ-ONLY]</message> 
</dialog> 

<dialog id="A-2" endState="fullaccess"> 
<message>Ask to upgrade pre-EMS device (CMG Shielded) to EMS Shielding.[EndState: FULL ACCESS]</message> 
</dialog> 

<dialog id="A-3" endState="blocked"> 
<message>Ask to restore key material.[EndState:  BLOCKED]</message> 
<link  url="https:
www.dell.com">Link  to more  info  about  recovery or  being   blocked...</link> 
</dialog> 

<dialog id="A-3" endState="readonly"> 
<message>Ask to restore key material.[EndState:  READ-ONLY]</message> 
</dialog> 

<dialog id="A-3" endState="fullaccess">  
<message>Ask to restore key material.[EndState: FULL ACCESS]</message> 
</dialog> 

<dialog id="B-1" endState="blocked"> 
<message>This dialog is shown when a device is Shielded or recovered.[EndState: BLOCKED]</message> 
</dialog> 
 
<dialog id="B-1" endState="readonly"> 
<message>This dialog is shown when a device is Shielded or recovered.[EndState: READ-ONLY]</message> 
</dialog> 

<dialog id="B-1" endState="fullaccess"> 
<message>This dialog is shown when a device is Shielded or recovered.[EndState: FULL ACCESS]</message> 
</dialog> 

<dialog id="B-2" endState="blocked"> 
<message>Shown after the user enters a password which does not meet the restrictions placed by the Administrator.[EndState:  BLOCKED]</message> 
</dialog> 

<dialog id="B-2" endState="readonly"> 
<message>Shown after the user enters a password which does not meet the restrictions placed by the Administrator.[EndState:  READ-ONLY]</message> 
</dialog> 

<dialog id="B-2" endState="fullaccess"> 
<message>Shown after the user enters a password which does not meet the restrictions placed by the Administrator.[EndState:  FULL ACCESS]</message>  
</dialog> 

<dialog id="B-3" endState="blocked"> 
<message>Dialog  displayed when the device's password needs to be set again, usually  as a result of a manual authentication.  In this case a 'Cancel' will leave the device in a policy driven state..[EndState: BLOCKED]</message> 
</dialog> 

<dialog id="B-3" endState="readonly"> 
<message>Dialog  displayed when the device's password needs to be set again, usually  as a result of a manual authentication.  In this case a 'Cancel' will leave the device in a policy driven state..[EndState: READ-ONLY]</message> 
</dialog> 

<dialog id="B-3" endState="fullaccess"> 
<message>Dialog  displayed when the device's password needs to be set again, usually  as a result of a manual authentication.  In this case a 'Cancel' will leave the device in a policy driven state..[EndState: FULL ACCESS]</message> 
</dialog> 

<dialog id="B-4"> 
<message>Redisplay the password reset dialog when the password provided did not meet the password restrictions.</message> 
</dialog> 

<dialog id="B-5"> 
<message>Redisplay the password reset dialog after setting the new password to be the same as the previous password.</message> 
</dialog> 

<dialog id="C-1" endState="blocked">  
<message>Request the device password from user for password authentication when auto authentication is not possible.[EndState: BLOCKED]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="C-1" endState="readonly"> 
<message>Request the device password from user for password authentication when auto authentication is not possible.[EndState: READ-ONLY]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="C-1" endState="fullaccess"> 
<message>Request the device password from user for password authentication when auto authentication is not possible.[EndState: FULL ACCESS]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="C-2" endState="blocked"> 
<message>If the password provided for authentication was incorrect, we ask the user to retry entering the password.[EndState: BLOCKED]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="C-2" endState="readonly">  
<message>If the password provided for authentication was incorrect, we ask the user to retry entering the password.[EndState: READ-ONLY]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="C-2" endState="fullaccess"> 
<message>If the password provided for authentication was incorrect, we ask the user to retry entering the password.[EndState: FULL ACCESS]</message> 
<iForgot>This is the confirmation that you really want to say 'I Forgot'. If you do you, will need to manually authenticate by contacting an administrator or logging in the owning user.</iForgot> 
<fusWarning>This is the warning about multiple  users being logged in which will result in all users having  access to the device if it is authenticated!</fusWarning> 
</dialog> 

<dialog id="D-1"> 
<message>The 'media Shielded' dialog displayed after provisioning  of a device when sweeping will occur.</message> 
</dialog> 

<dialog id="D-2"> 
<message>The 'media Shielded' dialog displayed after provisioning  of a device, but *no* sweep will occur.</message> 
</dialog> 

<dialog id="E-1"> 
<message>Displayed  when the user asks to change the existing  device password after a device has been authenticated.</message> 
</dialog> 

<dialog id="E-2">  
<message>Redisplay password change dialog when the change of password fails, probably due to an incorrect current password.</message> 
</dialog> 

<dialog id="E-3"> 
<message>Redisplay password change dialog when the new password does not meet administrative  password restrictions.</message> 
</dialog> 

<dialog id="E-4"> 
<message>Display password change dialog when the current password no longer meets new policy requirements.</message> 
</dialog> 

<dialog id="F-1"> 
<message>Shown when the user has failed to enter the password the number of times defined by policy.</message> 
<cancelWarning>This text should express the repercusions of cancelling manual authentication!</cancelWarning> 
</dialog> 

<dialog id="G-1"> 
<message>Shown when the key material is lost but the machine/user combination  does not allow us to recover the device. Should tell the user to insert the device in a CMG Shielded machine where the original user is logged in (if Roaming) to restore the key material. If not Roaming, we need a full machine/user match to recover.</message> 
</dialog> 

<dialog id="G-2"> 
<message>Displayed when an external device was Shielded by CMG (pre-5.3)  and cannot be upgraded because its not in the original machine under the original user.</message> 
</dialog> 

<dialog id="G-3">  
<message>Displayed when the media (floppies) is too small to allow EMS Shielding.</message> 
</dialog> 

<dialog id="G-4" endState="blocked"> 
<message>Displayed when the external device does not have enough free space to EMS Shield the device.[EndState: BLOCKED]</message> 
</dialog> 

<dialog id="G-4" endState="readonly"> 
<message>Displayed when the external device does not have enough free space to EMS Shield the device.[EndState: READ-ONLY]</message> 
</dialog> 

<dialog id="G-4" endState="fullaccess"> 
<message>Displayed when the external device does not have enough free space to EMS Shield the device.[EndState: FULL ACCESS]</message> 
</dialog> 

<dialog id="G-5"> 
<message>Shown when a device's key material has been lost and there is no way to recover from it because there is no way to retrieve the Shield ID.</message> 
</dialog> 

<dialog id="G-6"> 
<message>Displayed when policy does not allow access of encrypted media w/o the CMG Shield installed.</message> 
</dialog> 

<dialog id="G-7"> 
<message>Displayed if the user happens to insert a Handheld EMS device into an Windows EMS Shielded machine.</message> 
</dialog> 

<dialog id="G-8">  
<message>Displayed when the key material is deleted due to a manual authorization failure. This is controlled by policy.</message> 
</dialog> 

<dialog id="G-9"> 
<message>Displayed when device has entered a cooldown  period due to a manual authorization failure. This is controlled by policy.</message> 
</dialog> 

<dialog id="G-10"> 
<message>Warns the user that a read-only device cannot be Shielded when policy requires it.</message> 
</dialog> 

<dialog id="G-11"> 
<message>Warns the user that the device was undergoing an upgrade sweep in a different  machine.</message> 
</dialog> 

<dialog id="G-12"> 
<message>Cannot repair a device newer than the EMS currently installed.</message> 
</dialog> 

<dialog id="G-13"> 
<message>Volume is encrypted with an newer, unsupported IFF format. Media is blocked.</message> 
</dialog> 

<dialog id="G-14"> 
<message>Shown when a user double-clicks  a file in EMSExplorer. It tells them that this feature has been disabled.</message> 
</dialog> 

<dialog id="G-15"> 
<message>If during a sweep we fail to encrypt a file due to lack of free space on the device, this dialog is shown.</message> 
</dialog> 

<dialog id="J-1"> 
<message>Progress dialog used during the process of installing EMS files into a newly Shielded device. Media *should not* be ejected at this point.</message> 
</dialog> 

<dialog id="J-2"> 
<message>Progress  dialog  used  during  the  process   of  upgrading EMS  files  in  a shielded device.  Media  *should not*  be ejected  at this  point.</message> 
</dialog> 

<dialog id="K-1"> 
<message>The Yes/No Dialog  being used for the Fast User Switching  related warning when a device is being autoauthenticated...</message> 
</dialog> 

</languageSet> 

</emsCustomDialogStrings> 

如要聯絡支援部門，請參閱 Dell Data Security 國際支援電話號碼。
請前往 TechDirect，以線上產生技術支援要求。
如需更多深入見解與資源，請加入 Dell 安全性社群論壇。