@test123 Thanks for choosing McAfee Community Portal.
Hope, this should clarity your doubts.
What is the DEUser Directory? The User Directory extends your ePO-managed DE to systems with unmanaged, non-domain users. In addition to users managed in Active Directory, DE can now also use these ePO-managed users for preboot authentication. User data is now synchronized from Active Directory and cached locally in ePO. This fact eliminates the need for constant round trips from ePO to Active Directory. It results in significant performance improvements for user-based policy checks.
Other User Directory general facts:
User Directory removes the dependency on Active Directory
An Administrator must install the User Directory extension. You can do this install before, or after you have upgraded to DE 7.1.x. As long as the ePO prerequisites are met, which is ePO 5.1.x
There are no conceptual differences between the standalone users in EEPC 5.x and the users in the User Directory
Migrate EEPC 5.x standalone users to the User Directory.
You can createOrganizational Units (OUs) in the User Directory.
Users can be added to and removed from an OU.
Users can be moved from one OU to another OU
OUs can be nested.
A user can't belong to more than one OU
When selecting an OU, you can see all users that make up that OU (including nested OUs). NOTES:You can see all users from sub OUs, but not all nested OUs. From the distinguished name, you can see which sub OU each user comes from.
If the customer has an environment where there is no AD server, they would need to use User Directory users to assign Encryption Users to the McAfee Drive Encryption, so that these users can be used in the McAfee Drive Encryption Login screen for authentication.
If the customer has an environment where is there is AD server, they can choose between User Directory or Add Local Domain Users (ALDU).
However, its good to use ALDU which automatically adds the logged on windows user account to the McAfee Drive Encryption Login Screen (Technically called the Pre-Boot File System).
ALDU can save lot of manual work for the customer and they dont need to create and assign user directory users or they dont need to assign domain users manually too.
ALDU is an option in the McAfee Drive Encryption -> Product Settings Policy -> Log On tab.
To know more about ALDU you can check the video below,
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.