In computers with encrypted boot devices, the pre-boot OS is unable to connect to the Active Directory (AD) server. The pre-boot OS does not use the system “hosts” file.
If you connect to the Key Management Server (KMS) through AD, the pre-boot OS may be unable to request the device key. In this case, the operating system will be unable to start.
To resolve the issue:
- Create a hosts file that contains IP mappings. Format the hosts file as follows for each IP address mapping:
SecureCloud supports up to 8 IPv4 and 8 IPv6 address mappings.
- Move the hosts file to the SecureCloud Agent "hosts" folder:
Windows 32-bit: C:\Program Files\Trend Micro\SecureCloud\Agent\hosts
Windows 64-bit: C:\Program Files(x86)\Trend Micro\SecureCloud\Agent\hosts
- Restart the SecureCloud Service so that the settings will be synced to the pre-boot OS.
If the host mapping is not applied before pre-boot OS is started, it will fail to request key and need to setup the host mapping manually on console or using recovery tool. If this issue occurs, set up the IP address mapping manually on the VMware pre-boot console or by using the recovery tool.