I have recently been asked whether it is possible to allow local Windows accounts to logon via preboot as well as Active Directory logon's. We have always just used AD logons and I cannot see anywhere in the Encryption Users section in ePO to do this. You can only browse your AD tree and select users there. You cannot seem to add a local administrator or local pc account from here.
Is it even possible? What does the "Add all previous and current local domain users" option do? I always assumed this adds all AD users that has logged into the device before.
The ALDU relies on domain accounts. If you want to add non ldap based accounts you will need User Directory which got shipped with Drive Encryption 7.1.
the problem with local users is uniqueness - EEPC assumes all users are unversally unique - so you can't have two "administrator" with different passwords on different machines.
So as long as your local users are unique, you can do as Fausto suggests. There's no way to break this rule though - EEPC is designed so users can log on using their identity on multiple machines.