cancel
Showing results for 
Search instead for 
Did you mean: 
doktorbanner
Level 9

ePO 4.6 Policy Assignment Rules and EEPC 7.0.2

Jump to solution

I am using ePO 4.6 w/EEPC 7.0.2, we have users that are permitted to use their password only token and others that are required to use a RSA Stored Value Token.  Our default policy, which is applied to the system, states to use password only.  I have created a Policy Assignment Rule that applies to our domain users which require the stored value authentication.  I have also enabled the User Based Policy setting for the specific users.  When I apply the Policy Rule to the system using the Domain Group Membership as my user criteria I receive the following error:

ERROR

           
          

EpoPlugin

           

userHandler: OptIn user (i.e. non-default UBP user) [QASRV\activ121_self_init] has incomplete UBP (missing UBP/Ident) which is preventing activation.  (I pulled this from a McAfee KB article)

If I configure the Policy Rule User Criteria to apply to a specific Stored Value Token user the issue does not exist.  From an administration perspective adding users to the Policy Rule is ineffecient and will not work in the bigger picture.  My question is how does this need to be configured to have the Domain Group Membership setting work?

The user in question is a member of the Domain Group I am trying to apply this Policy Rule to.

0 Kudos
1 Solution

Accepted Solutions
doktorbanner
Level 9

Re: ePO 4.6 Policy Assignment Rules and EEPC 7.0.2

Jump to solution

I was able to fix the issue.  My original Active Directory Domain Group was created as a Global Security group.  Using a Domain Local Security group resolved this issue.  Hopefully this helps some others.

0 Kudos
2 Replies
doktorbanner
Level 9

Re: ePO 4.6 Policy Assignment Rules and EEPC 7.0.2

Jump to solution

I was able to fix the issue.  My original Active Directory Domain Group was created as a Global Security group.  Using a Domain Local Security group resolved this issue.  Hopefully this helps some others.

0 Kudos
SafeBoot
Level 21

Re: ePO 4.6 Policy Assignment Rules and EEPC 7.0.2

Jump to solution

good catch!

0 Kudos