Knowledge Center

Considerations for ePolicy Orchestrator disaster recovery, in conjunction with Drive Encryption
Technical Articles ID:   KB79247
Last Modified:  6/11/2019


McAfee Drive Encryption (DE) 7.x
McAfee ePolicy Orchestrator (ePO) 5.x



This article explains some of the issues that an administrator might encounter when performing a disaster recovery, in an environment where the ePO and DE versions listed in the Environment field above, are both present.

Although this article focuses on the new disaster recovery capability introduced in ePO 5.0, it can be applied to other disaster recovery procedures as well.


After performing an ePO disaster recovery, the administrator might encounter the following:
DE Data Affected Comments
Features If configuration changes are made after taking the ePO recovery snapshot, these features would be lost and would be considered expected behavior.
Any policy change made after taking the ePO snapshot, is discarded when ePO is restored. The administrator has to correct the policies, to reflect the configuration changes that are made after taking the snapshot.
User Assignment
Any user assignment made after taking the ePO snapshot, is lost. DE users on the client are deleted, if policy enforcement occurs.
Administrator Recovery
System Recovery File
If a system became activated after taking the ePO snapshot, recovery and disk information will not be available. Once the active node contacts the McAfee ePO server, the recovery information (key) is uploaded and placed in the ePO database (because of the node ID changes). But, the disk information will not be present until after a system or service restart occurs.
Workaround: Restart the McAfee Drive Encryption Agent service on the client system, and perform a Collect and Send Props or Agent Wakeup Call.
Self-recovery data, stored on the local system where it was originally set, will be intact. But, it might not be available on other systems sharing the same users, because the data is not present in the current snapshot of the ePO database.
SSO Data
SSO needs to be set again. SSO continues to work on clients where it was captured.
Reset Token via Query
The administrator must reissue the reset token command, if a previous attempt did not synchronize with the client.
Force Password Change via Query
The administrator must reissue the command, if the previous attempt did not synchronize with the client.
Add Local Domain Users
Any users added after taking the recovery snapshot, are deleted when the ePO database is restored. If this policy option is enabled, users will be added again to the ePO database.
Newly added local users might need to be initialized again.
User Initialization
All users already added before taking the snapshot, and initialized after taking the snapshot, will be treated as uninitialized users. Users initialized on specific nodes can still log on with their passwords. But, if the same user is added to a new node, user initialization is required, and then the latest password is propagated to all nodes.
Extension Upgrade
When a new extension is checked in, ePO will state that the existing snapshot is out of date.
Policy Assignment Rules
Same as Policies (see above). If the rules are deleted, users might fall back to the system-based policy. The administrator needs to make appropriate configuration changes.
Version 5 User Migrated Data
Same as User Assignment (see above). Any new users assigned to the client (after taking the ePO snapshot) via Version 5 migration, will be lost after the disaster recovery.
Any change is synchronized with the McAfee ePO server and updated according to the time stamp.
Report information is out of date because of the reversion to the old database snapshot. The information is collated again as clients start connecting to the system. 

Rate this document

Beta Translate with

Select a desired language below to translate this page.


This article is available in the following languages:

English United States
Spanish Spain

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.