Troubleshoot the errors that occurs when installing FDE.
Below are the possible solutions to the generic installation errors:
- Make sure that the user has administrative rights on the PC.
- Endpoint Encryption software must be copied and installed locally.
- Unplug all external USB storage devices.
- Do not install FDE with a PolicyServer Enterprise Administrator account.
- Enable the FDE policies in the PolicyServer group containing the User Name.
- When using an installation script, make sure that the format of the script and credentials are correct.
- Confirm that the Microsoft .NET 2.0 SP1 or later is installed in the target device.
- Verify that the Windows Installer v3.1 or later is installed on the target device.
- The TPM chip must be disabled.
- Ensure that there is sufficient contiguous space to install FDE.
- Install the Windows OS on the default C:/ location.
- Make sure that the Local Security has System Cryptography disabled.
This error is caused by a fragmented hard disk drive.
To fix this, defrag the hard disk drive and try to upgrade. Multiple defrags can be run depending on how fragmented the drive is.
The machine is not connected to the network.
Diskeeper is not supported by Endpoint Encryption in aggressive or pre-boot scan mode. It is recommended to install Diskeeper when FDE is already installed and the drive is fully decrypted.
To resolve the issue:
- Boot to a Windows recovery disk and repair the MBR.
- Run \Program Files\Mobile Armor\DataArmor\ArmorUninstall.exe. If the uninstallation leaves files, follow the procedure in the article Cannot completely uninstall Full Disk Encryption (FDE).
By default, all communication goes across port 80 using web services. The issue occurs when something blocks the said port.
To fix the issue:
- Open Internet Explorer, and enter the PolicyServer address. For example, http://ServerName/MAWebservice2/service.asmx.
If you can access this with no error, proceed to the next step. If you cannot access this, the web communication with PolicyServer is blocked.
- Use the PolicyServer IP address to install the software. If this works, there is a DNS issue.
- Try another network connection.
There are known issues with Toshiba Hardware where the following conditions may occur:
- The installation cannot complete because it roll back or disappear.
- Error 100 appears when installing via script.
The error occurs because FDE uses a Linux kernel and some distributions of Linux have issues on Toshiba devices.
Determine if the device you are installing supports Linux OS by checking the article Linux information for Toshiba PC.
The error occurs when installing FDE on a Dell E Series machine.
Intel Rapid Restore Technology (IRRT) causes the hard disk drive to display incorrectly in FDE. The IRRT is not integrated in Dell’s image of Windows XP. The necessary software to utilize IRRT, which is the Intel Matrix Storage manager, is not included. However, Vista has the software that integrates IRRT directly into the OS. Since Dell ships the PCs with IRRT enabled by default in the BIOS, you must re-image the machine.
- Do one of the following depending on the OS you are running:
- For Windows XP, locate the Intel Matrix Storage Manager software. If you do not see this software, reboot the machine, go into the BIOS and disable IRRT. If you locate the software, disable IRRT and re-image the machine.
- For Vista, check the BIOS Setup > System Configuration > SATA Operation. If this option is highlighted as IRRT, disable IRRT and re-image the machine.
- Disable IRRT.
- Enter the BIOS.
- Go to Setup > System Configuration > SATA Operation > Change to AHCI or ATA from IRRT.