Long story here but here goes.
We've got an old Safeguard server we used to use for encryption. Well it's licenses are all used up on and we've had issues removing licenses for one reason or another so its just sitting there not distributing new certificates because its overused on licenses. Therefore, if anyone lets their password expire.. in my experience is just completely kills their cert. You get them back in using recovery and when it asks for their old password it will not take anything you try. Before the licenses were full we would just kill their cert and reissue a new one, but that's no longer an option. So we've just been uninstalling safeguard and installing sophos encryption from our new Sophos Enterprise environment.
So now I've got an old user that is coming back to the company for some contract work, they still have the laptop we assigned them along time ago but can't get into it because their password expired. I got in via recovery and of course it won't take the old password to recover the cert, so I begin uninstalling. The uninstall gets to the end and the disk gets unencrypted, the time elapsed on the unencryption even stops and neither program is using any RAM or CPU, but just hangs there at the end. I let it sit there idle for a few hours then left and came in the next day to see the laptop had turned off. I turn it back on and it boots up to the Preboot auth screen, weird. It won't take any of the authorized accounts but I get in through recovery. It boots to windows, asks to hit CTRL+ALT+DEL which I do and it just freezes, throws a runtime error, then reverts to asking for ctrl alt del. Reboot and recovery in a few more times and it does the same exact thing. I do however get in through safemode and try to uninstall again. I get this error "error 5013 some base encryption components could not be removed SGN#1512" a few times when trying to uninstall and I reboot. Boots back to preboot again and windows still freezes on the ctrl alt del... So then I boot to winpe SGN, use recovery keys and a virtual client to unlock the drive and run the SGNRollback.exe. Reboot and the pre boot auth is gone but the drive is still encrpyted apparently, it won't boot to windows, tried the MBR restore and repairing boot sectors with no luck. I'm currently back in winpe SGN with the drive unlocked via virtual client and i'm pulling files off it.
This laptop had alot of different software and things installed I would very much like if there was a way to just unencrypt the drive completely so I could continue booting to it. Is there an option out there for this?
This thread was automatically locked due to age.
