Endpoint Encryption is unable to encrypt HP EliteDesk 800 G3 desktops in UEFI mode
Last Updated May 10, 2019
Endpoint Encryption 11.x client installs on HP EliteDesk 800 G3 desktops with Windows 10 running in UEFI mode.
Encryption should start automatically, but unable to do so after a reboot.
HP EliteDesk 800 G3 desktop
Endpoint Encryption 11.1.x or 11.2.x client
Windows 10 (seen on 1803, although could apply to other versions) with UEFI mode enabled
On UEFI systems, a system partition exists named EFI, which is set to 100MB. Endpoint Encryption stores pre-boot information in EFI. The default HP Windows image includes an "HP" folder that consumes a majority of this space, which prevents Endpoint Encryption from writing the required files for encryption to work.
The EFI\HP folder can be deleted, which will allow enough space for Endpoint Encryption to write the necessary files. Alternatively, reinstalling Windows and deleting the partitions can also free up space. Be advised that doing either of these will remove the ability to use HP's recovery tools.
Advanced users can also manually alter the partition schema and expand the EFI partition from 100MB to 200MB, however, this should be addressed with HP for assistance.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe