cancel
Showing results for 
Search instead for 
Did you mean: 
nate.hall
Level 9

Administrator Logon to Encrypted Systems

We are starting to roll out McAfee Encryption for PC and I'm wondering if it's possible for EPO admins (couple helpdesk and system admins) to be able to log into end users encrypted systems? We previously used PGP and with that, we would setup a USB token that would allow the helpdesk to bypass the Encryption boot screen to work on systems. What options do we have with EEPC?

Thanks

0 Kudos
8 Replies
SafeBoot
Level 21

Re: Administrator Logon to Encrypted Systems

just add them as users to the machines and then yes, they will be able to login like users.

0 Kudos
nate.hall
Level 9

Re: Administrator Logon to Encrypted Systems

So any machine user will be able to log in with there AD credentials? They don't need any specific rights?

0 Kudos
SafeBoot
Level 21

Re: Administrator Logon to Encrypted Systems

only users you assign to the machines can login preboot.

0 Kudos
nate.hall
Level 9

Re: Administrator Logon to Encrypted Systems

Oh, so they need to be added to EEPC in EPO? Is there a way that certain individuals can be added by default? Adding people to 1200 machines one by one would take forever.

0 Kudos
SafeBoot
Level 21

Re: Administrator Logon to Encrypted Systems

You can add them at a higher policy level.

0 Kudos
nate.hall
Level 9

Re: Administrator Logon to Encrypted Systems

Is there a kb article or something I can reference?

0 Kudos
SafeBoot
Level 21

Re: Administrator Logon to Encrypted Systems

The product guide talks about assigning users to machines.

0 Kudos
jmcleish
Level 13

Re: Administrator Logon to Encrypted Systems

Simon is talking about adding them as Group Users.

From the product guide:

1 Click Menu | Data Protection | Encryption Users. The My Organization page opens.

2 Select the Organizational Unit from the System Tree and click the Group Users tab. - *** here you can add group users- Select what group you want to add the users at (all my encrypted machines reside in one spcific group) - Click Actions, Endpoint encryption, Add users. Once the machines update their policy, these users will be able to logon to all machines within that group.

3 Click Edit in Inheritance broken to open the Edit Group Inheritance page.

4 Select Break inheritance, then click OK.

The user Inheritance broken status:

• True — Specifies that the inheritance is broken. Breaking inheritance on a branch prevents

inheritance of users and/or groups from any parent branch. It has no effect to users and/or

groups assigned to the branch or child.

• False — Specifies that the inheritance is not broken. When inheritance is not broken on a branch,

it will inherit users and/or groups from the parent until the inheritance is broken.

HTH

Jane

0 Kudos