cancel
Showing results for 
Search instead for 
Did you mean: 
jebotha
Level 9

Local Non-Domain Users for Drive Encryption?

Hi

I have recently been asked whether it is possible to allow local Windows accounts to logon via preboot as well as Active Directory logon's. We have always just used AD logons and I cannot see anywhere in the Encryption Users section in ePO to do this. You can only browse your AD tree and select users there. You cannot seem to add a local administrator or local pc account from here.

Is it even possible? What does the "Add all previous and current local domain users" option do? I always assumed this adds all AD users that has logged into the device before.

Many thanks

0 Kudos
3 Replies
foliveir
Level 11

Re: Local Non-Domain Users for Drive Encryption?

Hello,

The ALDU relies on domain accounts. If you want to add non ldap based accounts you will need User Directory which got shipped with Drive Encryption 7.1.

HTH,

Fausto

0 Kudos
SafeBoot
Level 21

Re: Local Non-Domain Users for Drive Encryption?

the problem with local users is uniqueness - EEPC assumes all users are unversally unique - so you can't have two "administrator" with different passwords on different machines.

So as long as your local users are unique, you can do as Fausto suggests. There's no way to break this rule though - EEPC is designed so users can log on using their identity on multiple machines.

0 Kudos
jebotha
Level 9

Re: Local Non-Domain Users for Drive Encryption?

Thanks very much for this suggestion. I will configure this and see how it goes

0 Kudos