Upgrade path for Dell Data Protection | Access - Dell DSS - Security - Dell Community

Upgrade path for Dell Data Protection | Access

Security

Security
All things Dell Security related

Upgrade path for Dell Data Protection | Access

This question is not answered

Hi,


My Precision M4700 laptop has had DDPA installed since the OEM factory build of Win7 Pro. (this one - and is the install guide)

Since upgrading to Win10 Pro the fingerprint reader hasn't worked properly, and the FP reader won't activate. Since the machine upgraded to Creators Edition, I think this tool has been completely disabled.

I have downloaded the updated drivers which appeared very recently on the Microsoft catalogue - labelled Dell - CVAULT - 09-13-2017 4.7.23.37 for Creators Update (x64). This has helped iron out some of the driver issues, but it's not the drivers that are the problem, it's the ancientness of the app and its hapi64  & Wave driver components.

There's been no update to this app in over four years. I looked at the latest Data Protection stuff and it's all tied into an enterprise platform, and it doesn't seem to update the Wave components.

What do I need to install to get the fingerprint reader working again? If it won't work with DDPA anymore, how can I completely remove it not just from Program Files but from the credential provider integration?

Thanks

Tim

All Replies
  • Update - I am aware of Dell Data Protection | Security Tools but no version I can see lists M4700 as a compatible system.

    My machine is already Bitlocker encrypted and on a domain, so I don't want to install something that's going to mess about with the drive encryption; I only want to either repair the system so I can log in with fingerprint, or COMPLETELY REMOVE the DDPA integration.

    At the moment, the credential provider doesn't have a massive hissy fit after 30 seconds of trying unsuccessfully to activate the fingerprint reader and the event logs are full of Hapi/Wave errors.


    *** Update ***

    I tried installing Dell Data Protection | Security Tools and the latest drivers but it has made no difference and even uninstalling DPPA still hasn't stopped the system using it - perhaps this needs something like a proper uninstall script.

    Here's what I can see in Device Manager after two days of faff:

    ControlVault Device / Dell Control Vault w/ Fingerprint Swipe Sensor (version 4.7.23.37, enabled, started)
    Biometric Devices /  Control Vault w/ Fingerprint Swipe Sensor (version 4.7.23.37, won't start)
    Security Devices / Trusted Platform Module 1.2 (version 10.0.16299.15, enabled, started)

    O2Micro Integrated MMC/SD controller (versions 2.2.2.1038 and 2.2.2.1077 tried, both enabled, started)
    PCI\VEN_1217&DEV_8321&SUBSYS_053E1028&REV_05

    Intel(R) Management Engine Interface (version 11.0.5.1189, enabled, started) - The Intel MEI device is PCI\VEN_8086&DEV_1E3A&SUBSYS_053E1028&REV_04.

    The biometric device which won't start has the following error:

    This device cannot start. (Code 10)
    Current device power state cannot support this request.

  • Hi TimStaddon,

    Currently Dell Data Protection | Access (DDPA) is not supported on Windows 10, and we have limited paths in removing the product on Windows 10 due to how DDPA attempts to embed itself within the OS. Due to this complexity, I would suggest opening a ticket with our front-line support queues. If you do have a ticket open with them, are you able to Direct Message (DM) me the service request number?

    We have validated the functionality of the fingerprint reader with the M4700 through Windows Hello within our testing here at Dell. It may require a reset of the Control Vault within the M4700 to awaken it so it will properly function within the operating system. Could we validate the firmware is properly updated for the ControlVault itself? Since the ControlVault is a tiny computer inside of your workstation, it may need updated firmware. Latest for your device is here:

    www.dell.com/.../driversdetails

    Let us know if your issues persist, or if you are not receiving the traction you need with our phone queues.

    -Dale

    Dale

    L4 Support

    Dell Data Protection | Encryption

    Need Immediate help? Please call DDP |E Support @ +1.877.459.7304 Ext. 4310039

  • Hi Dale,

    I haven't raised a ticket because the machine is a company asset. The machines are all used by field consultants, myself included.

    There are about 30 of these M4700s still in use but due to niggles with drivers ever since first migrating to Windows 10 (which are compounded by different M4700 machines having different chipsets for the wifi etc) it does worry me if Creators Edition makes things even worse.

    Someone else has just run into the same problem of Microsoft bulldozing its way through the GPOs today and only telling him it's upgrading his machine while he's halfway through a customer deliverable... so by this time tomorrow he's going to be running Creators Edition with a high chance of power scheme death, driver conflicts, crash on resume from standby and a Dell credential provider tied into the Windows logon experience that doesn't work properly. Hopefully he can at least decrypt his SSD (Symantec FDE version that won't work on Creators) before Windows reboots, otherwise that'll be yet another whole new world of fun.

    I have to stress, I don't blame Dell for this - Microsoft need a rocket up their backsides. But to be honest, Dell ought to have some information on what combination of drivers is the correct one to be using if you want Windows 10 to play nicely. These laptops, and others of similar spec, were extremely well-specced and eyewateringly expensive business workhorses that hold an exceptionally good second hand value despite their age, because they're so powerful.

    There is a workaround but it's a cruddy one - flatten the machine and perform a totally clean install of Windows, then install the drivers one by one and confirm the working combinations. But doing this still leaves us with fingerprint reader integration that doesn't work, o2Micro drivers that are unreliable, power schemes that don't take into account the OPTIMUS config, etc.

    I have tested all this on a spare machine. If I take it back to the original Windows 7 OEM out-of-the-box factory image (Win7 pro x64 OEM preactivated)  the power schemes, fingerprint integration into the logon tiles, Intel management tools, wifi drivers, everything, all plays nicely. As soon as I upgraded it to Windows 10 (any version), stuff begins to break: the power schemes from the Feature Pack always break, the logon UI always stops accepting fingerprint logon, and 50% of the time I have to disable the Intel management interface driver to allow the machine to resume from standby without crashing.

    I can't find any comprehensive documentation that says "uninstall this before upgrading to Windows 10".

    Currently, on my laptop, ControlVault.DLL is version 1.3.0.117 and dated 20/11/2012, and it is in the folder C:\Program Files\Dell\Data Protection\Access\Advanced\Wave\EMBASSY Client Core.

    There is a newer directory for Vault, C:\Program Files\Dell\DellDataVault, but it doesn't contain any updates for the EMBASSY client core.

    Cheers