Loading...

Knowledge Center


Web API commands for Drive Encryption Out Of Band Management
Technical Articles ID:   KB83542
Last Modified:  8/2/2017

Environment

McAfee Drive Encryption (DE) 7.1 Patch 2 (7.1.2)

For details of DE 7.1.x supported environments, see KB79422.

Summary

With the release of DE 7.1.2 (Feature Pack), the EEDEEP extension now features the ability to script DE commands using the Out of Band Management feature.

The Out of Band commands are transported in a secure manner from the ePO Agent Handler to the endpoints using the Intel® Active Management Technology (AMT).

Prerequisites:
  • ePO Web API
  • ePO Deep Command 2.0, 2.1, 2.2.
  • DE 7.1 Patch 2 (EEADMIN extension)
  • DE 7.1 Patch 2 (EEDEEP extension)
The most common recovery actions can now be used within scripts. The recovery actions available are:
  • Emergency boot
  • Reset a user’s password
  • List the available recovery images
Emergency boot
The emergency boot enhancement performs an emergency boot using Out of Band Management.
This allows the remediation of preboot filesystems by booting an encrypted system into Windows. Once the endpoint synchronizes with ePO, it will trigger the rebuild of the preboot filesystem.

Syntax example:

eedeep.emergencyBoot(systemIds=asystemID, diskId=adiskID)

For more information, locate the file ePODeepScriptingSamples.zip and inspect the sample script emergencyBoot.py, or execute the Web API help command.


Reset a user’s password:
The resetUserPassword enhancement allows you to reset the password for a user identified either by their DN or user ID on a specific system.

This allows the administrator to use the Out of Band Management facility to reset a user’s password using AMT.

Syntax example:

eedeep.resetUserPassword(systemIds=asystemID, userDN=auserDN, newPassword=apassword

eedeep.resetUserPassword(systemIds=asystemID, userId=auserID, newPassword=apassword)

For more information, locate the file ePODeepScriptingSamples.zip and inspect the following sample scripts, or execute the Web API help command:
  • resetUserPasswordByDN.py - For an example on how reset the user password using a DN.
  • resetUserPasswordById.py - For an example on how to reset the user password using a user ID.
NOTE: This functionality will reset the user’s password only on the specified system; other systems that have the user assigned will continue to have the previous password.

List available recovery images
This enhancement allows you to obtain a list of the DE recovery images available on your environment to recover a system, as well as comprehensive information about the image.

This information is also used to populate the sample script that showcases the emergency boot enhancement.

Syntax example:

eedeep.listDiskImages()

For more information, locate the file ePODeepScriptingSamples.zip and inspect the sample script listDiskImages or execute the Web API help command.

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.