@FA1 Thank you for choosing McAfee Support Community
When User based keys are assigned and if authentication is based on OS authentication is chosen in the moment when user login to their machine FRP gets Synchronized based on OS Authentication to load Keys automatically.
If not then we have to choose other Authentication type like Password based authentication which asks user to enter user name and password to load keys manually.
This is happening as per design as the encryption keys will get loaded only after successful authentication with either of the authentication method is chosen at-least once whenever a machine is restarted so its an expected behavior. However in FRP Authentication policy you can configure enable "Require authentication using Active Directory credentials at first logon" to avoid continuous prompt even after first login.
Let me know if you have any further questions !!
Was my reply helpful?If you find this post useful, Please give it a Kudos!
Please don't forget to select "Accept as a solution" in my reply and together we can help other members?