I've been administering ePO for several years now but I'm totally new to EEPC, so I have questions.
I'm conducting tests on EEPC to see how it works and so on before we start killing everybody's laptop
We're presently using ePO 4.5, MA 4.5, VSE 8.8 (and HIPS 7 on some systems).
ePO server isn't up to patch 4 yet, but will be patched next week.
I've been reading the manuals (yes, some people do actually read them ) and saw that it says
"Register an AD/LDAP server on McAfee ePO Server"
Now, for many reasons, we don't have an AD (yet) and my guess is we won't have a working, global AD for some time yet. We have a partial LDAP but it doesn't cover all our sites or users or...
My question then : Is it absolutely necessary to have an AD/LDAP to use EEPC ?
Can't I at least conduct some (most) tests on one laptop without having an AD ?
Thanks in advance for any answers and pointers, I'll now go back to reading the man pages
yes, it's absolutely necessary for EEPC6 - the only way to get users into ePO is to use AD - not LDAP, Active Directory. You also need to be using EPO 4.5P4hf1 as well.
You might want to look at EEPC5, since it does not require EPO or AD - it's completely stand alone - that will get you protected, then you can migrate to EPO once your environment supports it?Message was edited by: SafeBoot on 7/27/11 9:29:33 AM EDT
Well.. that's a bad news.
EEPC 5 is out of question since we do not want an additionnal management server, it has to go through ePO !
I'm still reading, but do we actually need "user level management" ?
We "only" want to use full disk encryption.
I do need to study the manuals and understand them.
if you don't use authentication, then you won't be protected from data loss regulations - you do realise that yes? Not having users, is like leaving the keys in the door. Zero effective protection in the eyes of the law.
You need "user management" because you need some user accounts to work in our pre-boot authentication screen. Without users, what would you put in the "user name" field of the logon screen
Yes, our product does full disk encryption but it also does user authentication (that is what unlocks the disk). In order for us to authenticate a user, we have to get that username from somewhere and put it in our database. Today, the only way we can get user names is by pulling them from Active Directory.