When accessing log files in \ProgramData\Dell\Dell Data Protection\Encryption, you may find the following error:
[06.30.15 09:28:45:426 ExternalAuth: 463 E] [SUPPORT] Authentication - Could not unprotect data [MS error = 0x8009000b]
This error is stating that the User’s password that is used to seal encryption keys and policy information about the local computer did not properly sync with active directory.
Third-party password management software is a common cause that can update active directory passwords outside of the local computer.
When this password update happens outside of the operating system, Dell Encryption Enterprise Shield may not be able to properly sync the password once it is changed.
Not Applicable
With version v8.5.2 and later, Dell Encryption Enterprise Shield clients have introduced a registry key that allows for detection of this issue and automatic remediation without a reboot.
To Enable Automatic Reactivation, set this key to:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CMGShield]
When this triggers, a line in the logs of the client is generated:
Event Engine - Flagging user XXXXXXX@domain.org for automatic reactivation
A new registry key to record how many times this has run is generated as well.
Administrators can monitor how many reactivations have happened per computer with this new key.
The shield automatically generates this when a reactivation happens:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CMGShield] "AutoReactivationCount"=dword:00000000sts
WSDeactivate is leveraged to fix this situation. Follow the link below for instructions:
How to run WSDeactivate on Dell Data Protection | Enterprise Shield for Windows
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.