If a user resets the password on a 64-bit Vista or Windows 7 system, the changed password might not get
reflected correctly onto Windows XP systems, but is reflected correctly onto other Vista and Windows 7
systems. (624109)
NOTE: This does not constitute a loss of security: it is the same situation as when a Windows XP system is not
connected to the network and unable to synchronize the new password from the server.
If a user is renamed in Active Directory, the new SSO information might not be captured for the user, so
that SSO no longer works for that user. (624316)
The system sometimes hangs in the Pre-Boot Authentication screen after enforcing the Always enable pre-
boot USB support
(Product setting | Boot option) policy.
When Windows Endpoint Encryption Logon is enabled on Windows 2003 and Windows XP systems, the
client system prompts for EEPC authentication only, but not for Windows authentication. (1966)
KB70318
Sometimes the policy update does not occur when it assigned to an individual user. This issue is observed
particularly when ePolicy Orchestrator loses its connection with Windows Active Directory.
Systems running Windows 2003 (64-bit) become unusable when EEPC is installed.
McAfee Agent behind NAT does not respond to available data channel message that is sent during a normal
ASCI. This is fixed with ePO Patch 3 Hotfix and MA Patch 1. (590456)
Known issues when using tokens
WinPE: When authenticating with a smartcard, the Options button in the Pre-Boot Authentication screen
does not work. Pressing it has no effect. (2749)
KB70319
USB Card Token Reader: The Mako DT3500 reader returns error EF010002 while authenticating with the
following tokens: Gemalto 64k v2, Safesign Evoniks, Telesec Smart Card 2.0, Telesec Smart Card 3.0, and
Oberthur CS PIV. Therefore we do not currently support these tokens when used with the Mako DT3500
reader. These tokens do work with the other supported readers. (2796)
KB70323
While using the Telesec 3.0 smart card (PKI) on an HP ProBook 6555b laptop, the Cherry reader error
EE0B0001 CCID Protocol Error appears. (3125)
KB70334
The Oberthur ID One V5.2 Dual card token fails to function correctly on an HP 6530b laptop. (3133)
KB70332
A failure on the Gemalto.net v2 tokens causes a subsequent failure with another token, with the error
message CF010002 Unknown. This error clears when the system is rebooted. (3268)
KB70331
RSA Token: The RSA Token is not detected if it is plugged in to the USB port after the Pre-Boot
Authentication screen appears. Be sure that the RSA Token is inserted before switching on the client
system. (3314)
KB70329
A successful login is allowed during Pre-Boot Authentication on some types of smartcards, even though the
certificate has expired. (3318)
KB70330
Limitations when using certain languages:
Localization (Simplified Chinese): The Default keyboard option that is displayed in the Pre-Boot
Authentication screen is not commonly used by native Simplified Chinese speakers. (2773)
Localization (Japanese): There is no On-Screen Keyboard for Japanese Kana. The On-Screen Keyboard
defaults to English-US when Japanese Kana is selected. (3000)
Localization (Chinese , Japanese, and Korean): EEPC does not support input of any character that requires 2
key-presses in the Pre-Boot Authentication screen. (3047)
Localization (Danish): There is no On-Screen Keyboard for Danish . The On-Screen Keyboard defaults to
English-US when Danish is selected. (3083)
Localization (Danish): On Danish versions of Windows, the Danish keyboard is used at the EEPC login
prompt, even though the English keyboard is selected. (3084)
Localization (Japanese): The on-screen Japanese Hiragana (ENG) keyboard in the Pre-Boot Authentication
screen does not correctly enter one of the Japanese characters into the input box when AltGR is pressed.