Title: ‘Prevent Login to Device’ command, no response when sent to client device.
Affected Version:
SecureDoc v8.6, 8.6 SR1
Environment:
With SecureDoc v8.6 a new feature was added. See KB 1894 - What is ‘Prevent Login to Device’ and how to use it’ for details.
NOTE : This command requires that both the client device and the SES Server be running v8.6 or higher.
Problem :
‘Prevent Login to Device’ command is successfully selected from the SES Server, but the client does not receive the command and/or does not respond.
Proposed Solution:
Communication between the client and the SES server is required. Confirm on the SES Server that the command was sent and Executed successfully via Show Commands.
On the client device, confirm that the command was recieved without errors. This can be checked in the log files SDJob.Txt and SDLog.Txt in the Userdata folder.
Prevent Login to Device 2021/07/08 16:14 Start...
Prevent Login to Device 2021/07/08 16:14 Finish
2021/07/08 16:02 | |Lock device & enforce pre-boot authentication |Success |00000000 |
2021/07/08 16:14 | |Lock device & enforce pre-boot authentication |Success |00000000 |
If no errors are present, confirm that the client device is using SecureDoc preboot.
For any client device not using SecureDoc preboot, for example RMO (Removable Media Only) or using Microsoft BitLocker preboot, this command doesn't apply and will be ignored on such clients. This is by design.
SDService.log will show as:
[2021-07-08 16:14:19.598] [5908:8844] DBG SDD RunCmdLockWSAndEnforcePrebootAuth: execute remote cmd - prep to set NO_COMM_LOCKED from 0 to 2
[2021-07-08 16:14:19.598] [5908:8844] CRIT SDD RunCmdLockWSAndEnforcePrebootAuth: case of RMO or SDBM, cmd is ignored ...
Reference: SD-38703