Zero-touch image a Pointsec encrypted drive?
Posted on 2011-10-07
We are attempting to execute a wipe-and-load in-place deployment from an installation of Windows XP SP3 x86 to Windows 7 Enterprise SP1x64 using Microsoft SCCM 2007 R2, and WinPE 3.0. When we run our OSD task sequence on a machine that does NOT have the hard drive encrypted with Pointsec for PC version: 6.1.1. Our task sequence runs correctly with no errors.
When we run our OSD task sequence on a machine that DOES have the hard drive encrypted with the previously mentioned version of Pointsec FDE, we receive the following error when the machine is booting into WinPE to begin the task sequence:
"Unable to read task sequence configuration disk. For more information, please contact your system administrator or helpdesk operator"
We worked with Checkpoint support for around 3 weeks without any success. Microsoft didn’t provide much help either, only suggested decrypting the drive -- then running our sequence. Checkpoint support has stated that they are not aware of any remote decryption functionality with their product.
What we are looking at now is finding a way to remotely wipe the hard drive (quick format of some sort), then using PXE to load the task sequence once the drive has been freed from the grips of Pointsec.
Does anyone out there have a better way to remtoely wipe a machine? From what we've been able to test, we believe just wiping the MBR would do the trick.
Thank you, in adavanced, for your help.