I'm currently testing with Drive Encryption 7.1 (ePO managed). I set up a domain controller and an additional server with ePO 5.3. I already checked in the packages and rolled out the software to a client with Windows 7.
At the moment we're using version 5.X (EEPC), which is managed by Endpoint Encryption Manager (EEM). I noticed that the ePO managed version offers ways less features ... or they are maybe hidden somewhere
Just now I can successfully login into Drive Encryption (DE) on startup with a domain account, which is assigned to a particular pc. Unfortunately until now I wasn't able to configure an eToken (e.g. aladdin/safenet without pki) for a specific user.
Depending upon the token type, you will need to select the token type. The supported tokens and corresponding token type and much more information regarding tokens are listed in KB79787.
You can then utilize a Policy Assignment Rule (PAR) to assign the token to the user. This will allow you to set a User Based Policy to assign to a single user or group. Sometimes you need a PAR and sometimes not. It depends upon your environment. You can find more information about using Policy Assignment Rules in KB71866.
There are 2 types of tokens. PKI and self initializing. It appears all the eTokens are PKI meaning they store a certificate in a PKI store such as Active Directory. You will need to configure your User Based Policy to import the proper certificate from Active Directory for use with this token. The certificate will then be download from AD using the AD: Sync across users Server Task.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.