I recently ordered and received a new Dell Latitude D820 laptop that has a built-in Trusted Platform Module (TPM) 1.2 chip and UPEK biometric finger print reader. Of course I enrolled a couple of my fingerprints to see if the hardware and software works. I was using the factory supplied image at the time that I did that.
Every machine I buy or use generally comes with a recovery disk set. Dell offers the media at a small extra cost. I looked around at the disks but being a Ghost expert, decided to take a snapshot of the factory image and burn it to DVD just in case. Good thing I did…
After taking the snapshot, I proceeded to flatten the machine and build it the way I want. I have a number of applications that won’t run on Windows Vista Beta 2 so I installed Windows XP Media Center Edition. I installed the Dell supplied drivers and software including the EMBASSY Security Center software made by Wave Systems Corporation.
I fired up the EMBASSY application and it choked. Scratches head… So I screwed around trying to figure out why and finally headed over to the Dell and Wave support sites for some digging. On the Wave site, I stumbled across the FAQ entry about the security suite not being compatible with IE7. The nerve.
So I uninstalled IE7 and tried again. The EMBASSY security center application launched fine with IE6. I went into the area to enroll fingerprints and tried enrolling my fingerprints again. Unfortunately, I got a message the fingerprints were already enrolled. Uh oh!!! This is really bad news. So being the clever young lad that I am, I rebooted and went into the BIOS TPM settings and cleared the memory. Reboot and try again. Still got the same error message. CRAP!!!
Snapshot time again. I Ghosted my current image and saved it to my eSATA drive. I then restored the factory image and logged on. You see, the fingerprints are tied to the account that was used for enrollment. Although my fingers were the same, the account was different. I fired up the security app and deleted my fingerprints.
After restoring my fully installed MCE environment, I was able to enroll my fingerprints again with my new account. Let this be a lesson to you. I would imagine many of the TPM and biometric enrollment applications work in a similar manner.
Like I said, “Be careful where you stick your fingers!!!”