The UI of the Recovery console, Pre-boot Recovery Console and Recovery Tool is similar to each other, but they are used for different purposes.
This article provides the details and information on how to use of these
For details, click on the name of the tool from the list below:
The Recovery Console provides a set of administration tasks which can be performed locally. It also provides the following basic administration interfaces:
- Manage Disks Manage Users
- Manage Policies
- View Logs
- Network Setup
The Recovery Console can be located in C:\Program Files\Trend Micro\Full Disk Encryption\RecoveryConsole.exe.
Below are the functions available in the Recovery Console:
- Manage Disks: This Recovery Console section displays options for managing disks on the endpoint. The options displayed in the Manage Disks screen change depending on the status of the disks attached to the device.
- Mount Partition: The Mount Partitions section provides access to the encrypted partitions for file management. One can view encrypted files or copy files to an external device.
Use Mount Partitions to copy files between the encrypted hard disk and external storage before imaging or reformatting the drive. The encrypted contents on the drive appear in the left pane and an unencrypted device can be mounted in the right pane. Use copy and paste to move file between panes. Files copied to the encrypted drive will encrypt. Files copied out of the encrypted drive will decrypt.This option is only available for disks using software encryption. This option is unavailable if the disk is a SED.
- Manage Users - This Recovery Console option allows the administrator to manage the users on the local computer. Users can be created, deleted, or modified. This includes password or smart card management as well as the authority level of the user. These changes are overridden when TMFDE syncs with the PS.
- Manage Policies: The Manage Policies Recovery Console option allows the administrator to manage the TMFDE policies on the local computer. These changes are overridden when TMFDE syncs with the PS.
- View Logs - The View Logs Recovery Console option allows the administrator to review the current audit log on the local computer.
- Network: The Network Recovery Console option allows the administrator to make changes to the network configuration. This falls into two general categories, the information for the PS, and the network configuration itself. The network configuration allows the administrator to choose IPv4 or IPv6 connectivity as well as static versus dynamic addressing.
The integrated Full Disk Encryption Recovery Console allows Administrators, Authenticators, and permitted Users to do the following only in pre-boot:
- Recover Full Disk Encryption devices in the event of primary operating system failure
- Troubleshoot network connectivity issues
- Decrypt disks to retrieve inaccessible data
- Manage policies when not connected with PolicyServer
The PreBoot Recovery Console provides three primary recovery options for TMFDE in SW Encryption mode. It also include what the Recovery Console has on the Operating System.
The Full Disk Encryption Recovery Tool is a bootable disk used to repair a device if the device is unable to boot. The Recovery Tool allows users to do the following:
- Scan and repair Full Disk Encryption issues that prevent users from logging on to Windows
- Open the Full Disk Encryption preboot if the agent is unable to access the preboot normally
- Recover files from an encrypted disk
To use the Recovery Tool, install the Recovery Tool as a bootable disk on a DVD, USB flash drive, or other removable media device.
If you are unable to open Windows or the Full Disk Encryption preboot on a device, use the Full Disk Encryption Recovery Tool to detect problems on that device and potentially repair those issues.
The Full Disk Encryption Recovery Tool opens a Linux operating system with the following options available:
- Recovery: Select this option to open the main utility of the Recovery Tool. This utility scans and attempts to repair the device. After scanning, additional functions become available for accessing the Full Disk Encryption preboot and viewing encrypted files on the disk
- Zoom: Select this option to open the Zoom video conferencing service
- Language Input: Select the language of your keyboard
- Shut Down / Restart: To either Restart or Shut Down
- Launch File Explorer: Select this option to open the window that shows your File Directory. You can copy files from your drive to an external storage. The Recovery Tool will decrypt those files before adding them to the external device.
- Enable Preboot: Select this option to open the Full Disk Encryption preboot the next time that you restart with the Recovery Tool attached to the endpoint. The Recovery Tool includes an internal copy of the FDE preboot that you can use to access the Recovery Console to configure network settings or decrypt the device.
- Cache All Users: This allows authentication without a network connection to the PolicyServer. In case the endpoint experiences network connection issuesafter repair task, users can still type their correct password to authenticate without connecting to the PolicyServer
- Unlock SED (If your drive is a SED): The Recovery Console performs one of the following actions depending on the disk configuration:
- If SED is a system disk, Recovery Console removes the Full Disk Encryption preboot from the disk so that the device no longer requires authentication with PolicyServer
- If SED is a data disk, Recovery Console excludes the disk from being managed by Full Disk Encryption.