I am running EEPC 6.1 and EPO 4.6. Over the past month, I have had 3 instances where three seperate users have called me and said they are getting "Unknown User" at pre-boot. When I go to their computer in EPO and check Encryption Users, there are none listed for the PC, even though they were previously added and logging into pre-boot successfully.
This morning, I had it happen to me. I checked my PC in EPO and I am missing from the Encryption Users list. I am the only administrator of the product and no one has made any changes to EPO, EEPC, or AD in regards to my PC.
Any ideas why I am seeing this?
Just got off the phone with a McAfee Tech and he told me that because my network is DHCP, this issue occurs when the DHCP lease is up on a computer and its not on the network at that time. Therefore the computer gets a new GUID and the users are erased. This is crazy!
He is supposedly checking with Tier2 on this and I sent an email to my Tier 3 rep so I can get this clarified. If this is true, then this is definitely a bug that needs to get resolved.
Anyone else out there have this issue?on 5/25/11 7:42:07 AM CDT
You got it. They were each added individually to their respective computers. Group users are not affected. I have no cleanup tasks or sorting tasks. Randomly, the users decide to erase themselves for a computer.
Users can be removed via the UI or via the EE LDAP sync task.
Now I'm assuming that you haven't removed them. So that leaves the EE LDAP sync task.
Users will be removed if they no longer exist in AD.
Could you explain how your AD server is configured.
Were the users added individually or as part of an OU/Group ?
Also have you checked the logs for the EE LDAP sync, under the server tasks?
I am fully aware that the LDAP sync will remove users if they are removed from AD and the users have not been moved or deleted. The users were added to AD individually.
There is nothing in the log regarding removing my user from EPO.
I have 1 AD server configured in EPO.
No child domains
Users are not being removed from the AD server. They are just being unassigned from Encryption Users for the computer in EPO. Nothing is changing in AD here. Its something EPO is doing.on 5/26/11 6:25:46 AM CDT