I have a question about the option to "Add all prefious and current local domain users of the system" under "Add local domain users". From the help file it states:
"On selecting this option, any domain users who have previously and are currently logged on to the system, are able to authenticate through the Pre-Boot, even if the administrator has not explicitly assigned the user to the client system."
Now my question is this, if another user logs into a machine with this setting checked will that user, and any other user who does this in the future, be added to the PBA? If so, isn't this a huge security risk? Or am i just not understanding this correctly?
Yes I was misunderstanding this feature. Sorry!
I do have another question on it. When I reimage a computer, the original user is the only account being added to that machine by ePO after the install. Why is this? Shouldn't it look for the new local domain accounts and sync those as the EE users of that machine instead?
If you reimage the machine, it is probably a logical step to remove the machine from ePO. This will discard all the user assignments for that machine.
How would the automation know that you're about to reimage the machine?
Losing user assignments is quite a big deal for EEPC, as you can probably imagine. Automating the deletion of machines could lead to more of a headache than waiting until you have the system in hand, and then manually deleting.