cancel
Showing results for 
Search instead for 
Did you mean: 

Assign eToken to user

Hey guys,

I'm currently testing with Drive Encryption 7.1 (ePO managed). I set up a domain controller and an additional server with ePO 5.3. I already checked in the packages and rolled out the software to a client with Windows 7.

At the moment we're using version 5.X (EEPC), which is managed by Endpoint Encryption Manager (EEM). I noticed that the ePO managed version offers ways less features ... or they are maybe hidden somewhere

Just now I can successfully login into Drive Encryption (DE) on startup with a domain account, which is assigned to a particular pc. Unfortunately until now I wasn't able to configure an eToken (e.g. aladdin/safenet without pki) for a specific user.

I followed this manual: https://kc.mcafee.com/corporate/index?page=content&id=KB71556

In the user-policy for DE I chose "EToken Smart Card" (no pki).

I am at my wit's end and appreciate any help for answering these questions:

- how to initialize an eToken (maybe with eToken PKI Client?)

- how to assign an initialized eToken to a specific (domain) user, which has been assign to a particular pc.

Thanks in advance!

2 Replies

Re: Assign eToken to user

I appreciate any help

Highlighted
McAfee Employee jhall2
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: Assign eToken to user

Depending upon the token type, you will need to select the token type. The supported tokens and corresponding token type and much more information regarding tokens are listed in KB79787.

You can then utilize a Policy Assignment Rule (PAR) to assign the token to the user. This will allow you to set a User Based Policy to assign to a single user or group. Sometimes you need a PAR and sometimes not. It depends upon your environment. You can find more information about using Policy Assignment Rules in KB71866.

There are 2 types of tokens. PKI and self initializing. It appears all the eTokens are PKI meaning they store a certificate in a PKI store such as Active Directory. You will need to configure your User Based Policy to import the proper certificate from Active Directory for use with this token. The certificate will then be download from AD using the AD: Sync across users Server Task.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community