Please note that WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.
WinMagic has done extensive work to improve, streamline and augment the security surrounding the initial deployment of Key Files during the process of installing the SecureDoc Client software, bearing in mind that many customers have widely divergent requirements relating to how devices are used during and after initial installation. Some customers install SecureDoc while the primary device user is on or will be on the machine, while others may need to protect new devices before the end-users of those devices have been defined, as well as other scenarios.
Please refer to the When SecureDoc server is upgraded to version 7.1SR2a HF2 from previous versions (6.5 or earlier) and the Setting up Device Provisioning Rules sections under the Creating Installation Packages for Windows chapter in the SES User Manual to understand how these new settings work, in order to inform your own use of these new features, particularly as they operate in a way that cannot be easily migrated from the previous methodology to the new methodology. Upon upgrading from an earlier version, you will need to adjust each of your existing Installation Packages to reflect the deployment methodology that will meet your security design.
System requirements and supported devices, including tokens and SmartCards, for SecureDoc v7.1 SR2a HF2 are listed here.
Note: It is strongly recommended to initially install Full-Text Indexing feature (Full-Text Search) into the Database Engine, before performing an SES installation. More information can be found here: msdn.microsoft.com/en-us/library/ms143786(v=sql.100).ASPX
During the installation of SES, if Full-Text Indexing has not been installed, a message will appear indicating the absence of the Full-Text Indexing. This message will not allow the user to stop the installation of SES which will require retrofitting Full-Text Indexing into an existing SQL Server.
Note: Use of the SES Console will require the user to have at least local admin rights on the server or client device (e.g. Admin desktop) on which it runs, in order for the console to function properly.
Note: WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.
Windows Custom ISO DVD fails while upgrading client devices to Windows 10 TH2
Issue: An issue has been reported that when users were attempting to upgrade the client devices from Windows Enterprise OS (Build#10240) to Windows 10 TH2 (Build#1511) with SecureDoc integrated (from DVD), the Windows 10 TH2 installation failed displaying an error message.
This issue has now been resolved
Dell Latitude E7250 and E7450 computers were unable to boot in the UEFI mode
Issue: This issue occurred on Dell Latitude E7250 & E7450 computers that are running Windows 10 Enterprise OS. After installing SecureDoc, these devices fail to boot into UEFI mode even when the “UEFI Driver” setting is enabled.
This issue has been resolved and now these devices will successfully boot into UEFI mode.
Single-Sign On (SSO) is not working on Windows devices when users are offline
Issue: This occurred on Windows client devices that are running SecureDoc with Single Sign on (SSO) option enabled. When a user was offline and attempted to log into Windows, they are forced to authenticate again into Windows. This issue has been resolved.
Now, users who are offline can successfully perform single on into Windows.
Unable to crypto-erase OSA client devices
Issue: This issue occurred on SecureDoc installed OSA client devices. When users attempted to crypt-erase a client device through SES console, the device fails to crypto-erase. Either the device would be turned off or would display an error message.
This issue has been resolved. Now, users can successfully crypto-erase OSA client devices.
SecureDoc BitLocker encryption enabled (SDOT) devices with legacy BIOS fail to upgrade to Windows 10 TH2
Issue: This issue occurred while upgrading the client devices (specifically having the combination of Bitlocker encryption with the SecureDoc Pre-Boot) from Windows 10 (Build#10240) OS to Windows 10 TH2 (Build#1511) OS. In such a scenario, Windows 10 TH2 failed to install on the client devices, displaying an error message, “The installation failed in the SAFE_OS phase with an error during BOOT operation”.
This issue has been resolved. Now, users can successfully upgrade to Windows 10 TH2 OS.
SecureDoc Installer fails to display the “System” language
Issue: This issue has been reported on SecureDoc installed devices that are running the 7.1 SR2a version. After the installation of SecureDoc on the client devices and when users select language option by right-clicking the SecureDoc icon in the taskbar, the selected language is not displayed in the pre-boot authentication window.
This issue has been fixed and users will be able see the selected language in the pre-boot authentication window.
Dell Latitude 3450 devices are unable to boot into Windows OS
Issue: This issue occurred on SecureDoc v7.1 SR2a installed client devices that are running Windows 8.1 OS. After SecureDoc installation and when the devices restart, they failed to boot in Windows, displaying the Dell logo and a blank screen.
This issue has been resolved. Now, the devices will successfully boot into Windows after installing SecureDoc.
SDService.exe interfering with network drives in Explorer
Issue: Not all attached network drives would appear correctly in the list of attached network drives, and it was determined that somehow SDService.exe was blocking their correct display.
This issue has been resolved, and network drives will now appear correctly.
USB Controller is not available during SecureDoc v7.1 SR2a installation
Issue: This issue has been reported on some client devices (Lenovo T510, T520, T550, Fujitsu E736/E756) that are being upgraded to SecureDcoc v7.1 SR2a. During the installation of SecureDoc v7.1 SR2a, the USB Controller disappears from the Device Manger window.
This issue has been fixed. Now, the USB Controller will be available in the Device Manager window during the SecureDoc installation
Error while scanning for Intel Dual-Band Wireless AC 8260 wireless at pre-boot
Issue: This issue has been reported on Dell E7470 devices that have Intel Dual-Band Wireless AC 8260 adapters. When a SecureDoc package is deployed to these machines with PBConnnex, an error is displayed at pre-boot.
This issue has been fixed by extending support for Intel Dual-Band Wireless AC 8260.
SFEAgent.exe (SecureDoc File Encryption) program needs to be force-closed when shutting down or restarting
Issue: This issue occurred after installing/upgrading the client devices to 7.1 SR2a, and when shutting down / restarting the device, the users had to force-close “SFEAgent.exe” program in order for the machine to shut down/restart. This issue has been fixed.
Now, users do not need to manually end the “SFEAgent.exe” program.
Unable to deploy OSA package
Issue: This issue occurred on SecureDoc v7.1 SR2a installed client devices while deploying a standard OSA package using USB device. In such a scenario, an error message stating “Error- PBA Returned 139” is displayed, halting the installation progress.
This issue has been resolved. Now, users can successfully deploy OSA packages on the client devices.
Unable to launch Syngo application on SecureDoc v 126.96.36.1990 installed client devices
Issue: Syngo application failed to launch on the client devices encrypted with SecureDoc v 188.8.131.520. This application attempted to launch, but after a few minutes, a message appeared stating, “rsntmain is not responding”.
This issue has been resolved. Now, users will be able to launch Syngo application without any issues.
Boot Logon is NOT installed when a SecureDoc package is deployed to the client devices with PBU/PBLU options enabled
Issue: This issue occurred when a SecureDoc package is defined and deployed to the client devices with the Native UEFI pre-boot environment (PBU) or Linux pre-boot for UEFI boot loader options enabled. In such a scenario, the boot logon was not installed and the devices failed to reboot automatically.
This issue has been fixed. User can now successfully deploy SecureDoc packages with PBU/PBLU enabled option.
Native UEFI pre-boot (PBU) fails to load on multiple devices
Issue: The boot logon failed to load when a SecureDoc package was deployed to the client machines with the Native UEFI pre-boot environment UEFI option enabled in the Boot Configuration settings.
This issue has been fixed and now the boot log on is loaded and users will be able to log in normally after deploying SecureDoc package to the client devices.
Intel Dual-Band Wireless AC 7265 Network adapter is NOT working on SecureDoc v 7.1 SR2a installed client devices
Issue: This issue has been reported on Dell E7450 machines with Intel Dual-Band Wireless AC 7265. This occurred when installing / upgrading these devices to SecureDoc v 7.1 SR2a.
This issue has been resolved, and these network adapters will work at Pre-boot.
Physical keyboard not working on Microsoft Surface Pro 3 devices running SecureDoc v7.1 with Linux pre-boot for UEFI (PBLU) option
Issue: The physical keyboards attached to Microsoft Surface Pro 3 devices that have SecureDoc v7.1 installed would not connect to or be recognized at Pre-Boot. This issue occurred on these devices that have Linux pre-boot for UEFI (PBLU) boot loader option enabled. In such a scenario, the attached physical keyboards were not functioning.
This issue has been resolved by extending support for Microsoft physical keyboards drivers. Now, the physical keyboards attached to Microsoft Surface Pro 3 devices will be working without any issues.
SecureDoc support for Mac FileVault2 Operating System 10.11.5
SecureDoc v7.1 SR2a HF2 extends support for Mac OS X 10.11.5 operating system version. You can create the SecureDoc client package in the SES console and deploy to the Mac FV2 devices that are running this version of the operating system.
Custom Boot Text is Not updated after SecureDoc v7.1 SR2a Installation
Issues: This issue occurred when SecureDoc v 7.1 SR2a package with Custom boot options was installed on the client devices. In such a scenario, the custom boot text (Header/User/Password fields) was not updated.
This issue has now been resolved. Upon SecureDoc installation, the Custom Boot text will be successfully applied
Note: For the Known Limitations other than the ones mentioned below, refer to the “Known Limitations” section in the SecureDoc Release Notes v 7.1 SR2a.
Dell Latitude E7470 devices unable to load up Native UEFI pre-boot (PBU) after pre-boot
Blue Windows Screen with Error: 0xc0000001 or Missing Operating System message (Black Screen) after pre-boot when 32 bit OS
Single Sign On (SSO) does not work when the "Lock computer when token is removed" option enabled
Extra warning message while loading into Boot Logon on Dell E7450/ Win10 Legacy SWE
|Please note that WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.”|