84 chapter 11 troubleshooting enww – HP Compaq dc7900 Small Form Factor PC User Manual
Page 94
Short description
Details
Solution
Errors occur after a power
loss interrupts Embedded
Security initialization.
If there is a power loss during the
initialization of the Embedded Security
chip, the following issues occur:
●
When attempting to launch the
Embedded Security Initialization
Wizard, the following error
message is displayed: The
Embedded security cannot be
initialized since the Embedded
Security chip already has an
Embedded Security owner.
●
When attempting to launch the User
Initialization Wizard, the following
error message is displayed: The
Embedded security is not
initialized. To use the wizard, the
Embedded Security must be
initialized first.
Perform the following procedure to recover from the
power loss:
NOTE:
Use the arrow keys to select various menus,
menu items, and to change values (unless otherwise
specified).
1.
Start or restart the computer.
2.
Press
F10
when the F10=Setup message
appears on the screen.
3.
Select the appropriate language option.
4.
Press
Enter
.
5.
Select Security, and then click Embedded
Security.
6.
Set the Embedded Security Device option to
Enable.
7.
Press
F10
to accept the change.
8.
Select File, and then click Save Changes and
Exit.
9.
Press
Enter
.
10.
Press
F10
to save the changes and exit the utility.
The Computer Setup
(
F10
) Utility password can
be removed after enabling
the TPM Module.
Enabling the TPM module requires a
Computer Setup (
F10
) Utility password.
When the module has been enabled, the
user can remove the password. This
allows anyone with direct access to the
system to reset the TPM module and
cause possible loss of data.
This is as designed.
The Computer Setup (
F10
) Utility password can only be
removed by a user who knows the password. However,
HP strongly recommends having the Computer Setup
(
F10
) Utility password protected at all times.
The PSD password box is
no longer displayed when
the system becomes
active after standby status
When a user logs on to the system after
creating a PSD, the TPM asks for the
Basic User password. If the user does
not type the password and the system
initiates Standby, the password dialog
box is no longer available when the user
resumes.
This is by design.
The user has to log off and back on to view the PSD
password box again.
No password is required
to change the Security
Platform Policies.
Access to Security Platform Policies
(both Machine and User) does not
require a TPM password for users who
have administrative rights on the system.
This is by design.
Any administrator can modify the Security Platform
Policies with or without TPM user initialization.
When a certificate is
viewed, it shows as non-
trusted.
After setting up HP ProtectTools and
running the User Initialization Wizard, the
user has the ability to view the certificate
issued; however, when the certificate is
viewed, it shows as non-trusted. While
the certificate can be installed at this
point by clicking the install button,
installing it does not make it trusted.
Self-signed certificates are not trusted. In a properly
configured enterprise environment, EFS certificates are
issued by online Certification Authorities and are
trusted.
84
Chapter 11 Troubleshooting
ENWW