You have a system with more than one disk encrypted with SEE. You have had a catastrophic failure of the primary disk and wish to recover the data present on the secondary disk(s).
It is possible to recover a second encrypted disk using the Recover tool because the secondary disk metadata is still present and valid even if the primary disk is missing. However, it should be noted that it is NOT possible to recover a second partition on a primary disk if the first partition has been deleted.
Only "Recover /B" will work in this scenario. This means that the client machine must have checked in with the SEE Server at least once, so that the backup of the encryption key (in the form of a DAT file) is present in the database.
Note: Recover /B is only to be used as a last option when all other options have been exhausted. Important files should be recovered with the Access CD prior to recovery. Failing that, it is vital to back up the disk before running this procedure because, if it fails, the data will no longer be accessible.
The recovery procedure is as follows:
1. Go to “Symantec Endpoint Encryption Users and Computers > Active Directory Computers > Forest > [Domain] > Computers > [Computer]”.
2. Select the computer you wish to recover.
3. Click on the “Recover” button.
4. Enter the Management Password.
5. Create a new one-time recovery password to be used for the recovery operation. Enter the same password twice.
6. Save the DAT file to a USB device.
7. Boot the affected machine from the SEE Recovery disk (ensure it is the same version as the one on the server and client machines).
8. Select the second disk.
9. SEE Recover will scan the disk.
10. Select “Recover /B”.
11. Browse to the DAT file.
12. Enter the one-time password that was created when the DAT file was generated.
13. The decryption should then proceed.
Imported Document ID: TECH157205