A couple of clarifications and one question.
During Encryption Recovery you can do the following, can you confirm the actions.
Machine Recovery: Bypasses preboot if no acconuts are available or assigned to the machine (essentially like using the EEtech boot disk)
Reset Token: Resets authentication for whatever token is being used eg - password, smart card etc.
Reset to Password Token: If something other than a password isbeing used to authenticate it changes that method to a "password token". Does this also reset the password history? Does this reset the "Timeout Count down" for incorrect Passwords."?
Question: If someone has activated EEPC and has been added to a machine as a user (logging into encryption for the First time). once they have entered the default password and set another one is there any way to clear them out of EPO so this process can be reset?
I want to be able to add the person to a machine for the first time..again... (eg - they have no previouse password stored in EPO and have to go through the default password option again.)
You need to go to queries & reports and run EE: Users. Select the user from the list, Action> reset token and if you have activated it, reset self-recovery. I believe this should give you the desired outcome
Hey George, Thanks for the option.
I tried this and after the policy update and I restarted, after entering the username I was prompted straight away to enter a new PW.
What I was wondering, is it possible to clear out a user from EPO completely. So when you enter their name it asks for the "Default password" instead of just asking for a new password like they were a brand new user to EPO for the first time.
(note: the option you provided will still sort my issue so thanks)
I believe a user gets deleted from all the machines and epo only if it's deleted from Active Directory and then synchronized. I can't think of any other scenario where epo would completely delete the user data.