Create an account on the HP Community to personalize your profile and ask a question
09-19-2018 01:02 PM
I was updating drivers and found a new driver for the above. When I ran SP81058 i recieved the attached message.
I actualy have not used the finger print reader and installed only the older fingerprint driver tools to make the warning in device manager go away. I do not have any registered finger prints.
I uninstalled the program from Programs and Features and Uninstalled the device (Biometeric) in Device Manager. I do not know what the HP Protect Tools are but found a post that says it's replaced with Client Security Manager. I installed Client Security Manager and when I go into fingerprint config it tells me the device in not connected. It does not report any fingerprints as registered.
I am now stuck. I really do not want to have the Client Security Manager tools and would like to uninstall this. Same with the fingerprint reader. Unclear if I can disable this in BIOS.
I am looking for suggestions on how to unwind this.
HP 840 G1 Windows 7 64Bit
09-20-2018 11:55 AM - edited 09-20-2018 11:56 AM
David, I have been through the BIOS and the only option I have is to disable the fingerprint reader.
I never set up the Fingerprint Reader, and only installed the package to get the error in device manager cleared. I have now disabled the figerprint reader in the BIOS which gets me the same (oe better) results.
While these are business computers, I have tried to eliminated any of the HP tools and just install the drivers. Under security the device is set to dispaly TPM only and access is grayed out. It has never been enabled or set up and these computers are not encrypted and I have not installed software (that I am aware of) to utilize TPM (unless Client Security Manager qualifies).
I regret installing the Client Security Manager. I now have an additional BIOS level on entry asking to choose "User\Guest". Entering the User path requires a password and seems to have evrything restricted. Entering as Guest seems to allow me all privileges. Seems backwards to me.
I have uninstalled the Client Security Manager, but it did not restore the BIOS to it's former (userless) operation. Unclear what happens when I reprovision PCs. I would really like to remove the user option.
I see under "Main" options to "Restore Defaults" and "Reset BIOS Security to Factory Default" but with out any real BIOS doumentaion I am concerned about making even more of a mess.
Under "Security" there is "User Management" and "Restore Security Level Defaults". The former is greyed out and the later I expect just resets the items on the prior menu item "Set Security Levels" which appears to just define whether items in the advanced menu are available to manage, display only or are hidden.
I also notice that on this PC I have an additional option under the "Advanced=>Device Settings" for "AMT Options" with a check box to "Unconfigure AMT on Next Boot". Unclear if this came with the Client Security Manager or elsewhere.
Any guidance to the BIOS settings would be helpful.
09-20-2018 12:24 PM
AMT is nothing to do with this - that's Intel's Active Management Technology, which allows for remote administration of suitably provisioned computers that have Intel vPro. If you don't intend to use AMT there is some argument for turning it off in the BIOS.
Unfortunately I'm not very familiar with HP Client Security Manager, though I do share your desire to get rid of as much manufacturer installed software as is reasonable. Sadly, marketing works in the opposite direction: manufacturers want shiny looking features to differentiate their products from those of their competitors.
09-20-2018 01:50 PM
Unfortunatly it seems that the HP Client Security Manager mods the BIOS and I think AMT and the users may be 2 of the casualties. Unfortunatly after many hours of searching I am not able to find any docu on the product that discuses these changes to BIOS. As noted, unistalling the sodtware does not revert the BIOS changes.
I think I will try checking the Remove AMT checkbox and disable the feature along with the onboard Smart Card
I have found a couple of posts that say if I create an adminstrators password I can then access the currently unavailbe users section and remove the users. My concern is that if I set a password I may not be able to clear it after remoiving the users. There are dozens of posts on lost BIOS passwords and this is not a machine on which one can just clear the BIOS. It's replace a chip.
09-20-2018 02:10 PM
Normally, setting an administrator password allows you to take delete any users - though there is always a risk that things will go wrong.
One thought comes to mind. On the business systems, HP can reset a forgotten administrator password once they are satisfied as to ownership by sending out a SMC.bin file (which is custom to the system as well as the time and date) - so long as you don't yank the battery and leave the system at an unknown time and date. I wonder if they can carry out a total reset of BIOS settings via this route. You could only ask, I suppose. Maybe someone who has a better idea about exactly what is possible via this route will notice this thread and replies to you. Here I am very much into the realm of guesswork, I'm afraid.