Full Disk Encryption Self-Help Portal

The Self-Help Portal lets users reset their own passwords for Full Disk Encryption. To use the Self-Help Portal, the user must register to the portal first. After registration users can use the Self-Help Portal for password recovery.

The Self-Help Portal only works with Active Directory users. Make sure that the Endpoint Security Active Directory Scanner is configured and that the Active Directory is scanned.

The portal is available for desktop and mobile devices.

For supported browsers and devices, see the R80.20.M1 Release Notes.

Activating the Self-Help Portal

You must enable the Self-Help Portal on the Endpoint Security Management Server to activate it.

Note - On the Gaia portal > Hosts and DNS page, make sure to configure:

• The DNS Sever
• Domain Name
• DNS suffix

To enable the Self-Help Portal:

On the Endpoint Security Management Server, run:

cd $UEPMDIR/engine/scripts

selfhelp_cmd enable

Note that this restarts the Endpoint Security Management Server.

After activation, the Self-Help Portal is available at http://<eps_server_ip>/eps_shp
where <eps_server_ip> is the IP address of the Endpoint Security Management Server.

To disable the Self-Help Portal, run:

selfhelp_cmd disable

To query the status the Self-Help Portal, run:

selfhelp_cmd status

Configuring the Self-Help Portal

The Self-Help Portal only works with Active Directory users. Before you can use the Portal, make sure that the Endpoint Security Active Directory Scanner is configured and that the Active Directory is scanned.

Users must be authorized for Pre-boot on one or more computers before they register in the Portal.

To configure Self-Help Portal settings in SmartEndpoint:

1. In the Policy Tab, in a OneCheck User Settings rule, right-click the Allow password Self Help action and select Edit.
2. Select Allow password self-help to let users recover their password by answering questions. Clear the option to not let users recover their password by answering questions.
3. Make selections to configure the options for Enrollment to the Portal and Password Assistance.
4. Click Questions Bank to select which questions are asked for user enrollment to the Self-Help Portal.
5. Click OK.
6. Click OK.
7. Save.
8. Click Install Policy and select the Self-Help Settings Policy.

Users can register to the Self-Help Portal and use it to recover passwords. The portal address is http://<eps_server_ip>/eps_shp
where <eps_server_ip> is the IP address of the Endpoint Security Management Server.

User Settings for the Self-Help Portal

You can force users to re-register to the Self-Help Portal or block users from recovering password in the portal.

To change a user's settings for the Self-Help Portal:

1. In SmartEndpoint, in the Users and Computers tab, right-click on a user and select User Authentication (OneCheck).
2. Select Reset Self-Help Enrollment to force the user to re-register to the portal.

   Select Lock Password Self-Help to prevent users from recovering passwords in the portal.

3. A confirmation message shows. Click Yes.

Monitoring the Self-Help Portal Policy

To see the status of user enrollment and recovery for the Self-Help Portal:

In SmartEndpoint, in the Reporting tab, select User Authentication Policy > Self Help Status.