The following problems can occur when attempting to install Symantec Endpoint Encryption 11.1.3 MP1 or later on a system with Windows 10 Fall Creators Update (version 1709) (RS3) or later installed.
Known issues and their workarounds:
Windows 10 RS3 workgroup computers are unable to authenticate at preboot, or single sign-on may not work even when the single sign-on policy is enabled. Workaround: To resolve this issue, perform either of the following workaround steps before Symantec Endpoint Encryption auto-encryption begins. It is recommended that you perform either of these steps before installing the Symantec Endpoint Encryption product:
Disable the setting: Windows Settings->Accounts->Sign-in options->Privacy->Use my sign in info to automatically finish setting up my device after an update or restart. Refer to the following Microsoft article to disable the above setting: Winlogon Automatic Restart Sign-On (ARSO)
Or, create the following registry: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] DisableAutomaticRestartSignOn=dword:1
Note: If you did not perform either of the workaround steps before encrypting your client computer, then you need to disable the setting: Windows Settings->Accounts->Sign-in options->Privacy->Use my sign in info to automatically finish setting up my device after an update or restart, and restart the client twice.
Removable Media Encryption is incompatible with Windows Defender Application Guard, which is a feature of Windows 10 RS3.
On Windows 10 RS3 or later client computers running Removable Media Encryption, when the Controlled Folder Access feature is enabled, Removable Media Encryption does not work as expected. Workaround: Disable the Controlled Folder Access feature to use Removable Media Encryption.
Subscribing will provide email updates when this Article is updated. Login is required.