Showing results for 
Show  only  | Search instead for 
Did you mean: 

user directory and ALDU


I currently have just taken a DE project halfway through.

I saw my customer is using the User Directory as the encryption user to activate DE:

step1, manually create a user in epo-> user directory

step2,  under epo-> encryption users-> My Organization-> Group Users, assign the user created in step1 as a group user

step3, enable DE in DE product policy, next agent epo connection the activation starts.


I'm curious, is there any advantages or disadvantages to use ALDU or the above-mentioned method to activate DE?

In DE best practice guide, there has detailed explanations for ALDU, but for the above-mentioned method, I can only find very little information.




2 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: user directory and ALDU

@test123 Thanks for choosing McAfee Community Portal.

Hope, this should clarity your doubts.

What is the DE User Directory?
The User Directory extends your ePO-managed DE to systems with unmanaged, non-domain users. In addition to users managed in Active Directory, DE can now also use these ePO-managed users for preboot authentication.
User data is now synchronized from Active Directory and cached locally in ePO. This fact eliminates the need for constant round trips from ePO to Active Directory. It results in significant performance improvements for user-based policy checks.

Other User Directory general facts:

  • User Directory removes the dependency on Active Directory
  • An Administrator must install the User Directory extension. You can do this install before, or after you have upgraded to DE 7.1.x. As long as the ePO prerequisites are met, which is ePO 5.1.x
  • There are no conceptual differences between the standalone users in EEPC 5.x and the users in the User Directory
  • Migrate EEPC 5.x standalone users to the User Directory.
  • You can create Organizational Units (OUs) in the User Directory.
  • Users can be added to and removed from an OU.
  • Users can be moved from one OU to another OU
  • OUs can be nested.
  • A user can't belong to more than one OU
  • When selecting an OU, you can see all users that make up that OU (including nested OUs).
    NOTES: You can see all users from sub OUs, but not all nested OUs. From the distinguished name, you can see which sub OU each user comes from.
  • The above statement is from following article:
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: user directory and ALDU

Hi @test123 ,

If the customer has an environment where there is no AD server, they would need to use User Directory users to assign Encryption Users to the McAfee Drive Encryption, so that these users can be used in the McAfee Drive Encryption Login screen for authentication.

If the customer has an environment where is there is AD server, they can choose between User Directory or Add Local Domain Users (ALDU).

However, its good to use ALDU which automatically adds the logged on windows user account to the McAfee Drive Encryption Login Screen (Technically called the Pre-Boot File System).


ALDU can save lot of manual work for the customer and they dont need to create and assign user directory users or they dont need to assign domain users manually too. 

ALDU is an option in the McAfee Drive Encryption -> Product Settings Policy -> Log On tab.

To know more about ALDU you can check the video below,


Thank you

Jithendran S
McAfee Employee
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community