On a couple of my machines I have users that appear as "Unknown Users" to EEPC but when I look at the EEPC users within EPO it lists the same users as being authorized for those machines. The users have had to call into our Helpdesk and do an Administrative Machine Recovery to let those users through the EEPC pre-boot login. The users can then log into Windows. The same users have done this 3 to 4 times now and their user ID's are never added to the pre-boot login.
I have port 8083 on my EPO server open to the outside to allow Agent to Server communications while off campus. I thought having this port open would also allow for policies to be downloaded to machines as well. Then those users would be added because I have the "Add all previous and current local domain users of the system" option checked. It seems as though that this policy is not getting enforced. Am I missing something here? Thanks in advance.
EEPC Agent 184.108.40.206
McAfee Agent 220.127.116.110
EPO Server 4.5.4 HF1 (Build: 1093)
Can you verify the last check-in time for these machines to see if they are able to access ePO server? I can think of some issues if they cannot resolve the ePO server in DNS for example from outside. Do they ever use VPN? If not, usually a Secure Agent Handler is advised for off-network hosts to communicate in.
I'd deploy eego to one of the endpoints and take a look at the data channel test - you may have a firewall/nat issue affecting the data channel.