I have a question concerning configuring offline encryption on a standalone computer that will never connect to the ePO server. I have went through the process of configuring an the offline activation executable and started the encryption process. If I wanted to add additional users to the standalone PC or update the policy, how do I go about performing these task.
There is currently no method to add additional users to an offline system. Only the users that are included in the txt file will be able to login to the offline system. For active user management, the system must be communicating with ePO.
Thanks for the update. I just found the answer as well by going the the FAQ's for offline activation. If I were to update the UserList file with additional users, update any polices in the ePO_policy or ESofflineActivatecmd xml file (not sure which one, will only change a few statements to "true") and rerun the offline activation will that cause any issues if the drive is already encrypted?
I have never done that before but I would suspect that it would fail as the system is already activated. But there may be a way to do this using the DETech Stand Alone boot disk. If you emergency boot the system it will boot the system back to Windows and MDE will be placed into Recovery mode awaiting reactivation. If you run the new OfflineActivation.exe it will likely rebuild the preboot file system what what ever policy options and users that are in the new file and the user passwords will be reset. Never attempted this before but I think it should work.