We are starting to roll out McAfee Encryption for PC and I'm wondering if it's possible for EPO admins (couple helpdesk and system admins) to be able to log into end users encrypted systems? We previously used PGP and with that, we would setup a USB token that would allow the helpdesk to bypass the Encryption boot screen to work on systems. What options do we have with EEPC?
Oh, so they need to be added to EEPC in EPO? Is there a way that certain individuals can be added by default? Adding people to 1200 machines one by one would take forever.
Simon is talking about adding them as Group Users.
From the product guide:
1 Click Menu | Data Protection | Encryption Users. The My Organization page opens.
2 Select the Organizational Unit from the System Tree and click the Group Users tab. - *** here you can add group users- Select what group you want to add the users at (all my encrypted machines reside in one spcific group) - Click Actions, Endpoint encryption, Add users. Once the machines update their policy, these users will be able to logon to all machines within that group.
3 Click Edit in Inheritance broken to open the Edit Group Inheritance page.
4 Select Break inheritance, then click OK.
The user Inheritance broken status:
• True — Specifies that the inheritance is broken. Breaking inheritance on a branch prevents
inheritance of users and/or groups from any parent branch. It has no effect to users and/or
groups assigned to the branch or child.
• False — Specifies that the inheritance is not broken. When inheritance is not broken on a branch,
it will inherit users and/or groups from the parent until the inheritance is broken.