This content has been marked as final. Show 7 replies
Can we use Autodomain here to add only the actual user?
Does this permit multiple users on one machine?
Can this remove "old users"?
>not at the moment, it only adds users.
Can you control from which user group the Autodomain script can get the user to add to the local machine?
>not really, it adds user accounts which match the current cached profiles, so if you are logged in as "foo" it will add the EEM user "foo".
Where can I download of the Autodomain script and help info?
>You can get it from McAfee platinum support or your services guy
Thanks for the Info.
I have a few follow up questions. (I have not got hold of this yet)
When the machine is installed, the EEPC is ready and machine is fully encrypted (I assume).
Then the machine is sent to the user for the first logon.
Do he need to run Recover by help of the Helpdesk to be able to start up the machine, or can this be done in a way to avoid this?
Will the cached user be added to the pc at the first logon, so that this is ready to use at next startup?
Can you build in some checks to verify that the user is added to the PC. I guess this action will need communication to the Database, and if this is not replying timely I am worried about the stability of the solution.
Does this work on Windows 7?
AutoD will ask the user what their password is and set them up if you deploy in autoboot mode - most people are encrypting existing machines though, not fresh ones?
I am a bit unsure how this is working since the Password for a user is set on the eToken when this is generated.(2 factor)
So in most of the cases the user will get their new token and the new Installed PC shipped. Then he will start from here.
Do you see any issues in such a scenario?
Machines should be fully encrypted as part of the installation.
The user will already know the token pin, and the user will already exist (because you would have had to manually create them and create the token for them).
You need to make sure you don't confuse "user creation" and "user assignment" - the former is where you will set the pin for the user, the latter is something autodomain can do for you.
if you're already going through the effort of installing EEPC, creating tokens for the user etc, why would you need autodomain at all? Surely you know who's machine you are making, why not just do the user assignment then?
Are you using eTokens in PKI mode or stored value mode?
Your environment is more complex than most, you're probably best of paying for some professional services time than trying to work this out on your own.
We use etoken in Stored Value mode.
We user AD COnnector to transfer users from dedicated AD groups. This is OK
Then since the customer wants that all users should be able to logg on to any machine, we have to add all user groups to the machine groups. This cause lot of syncing when the number of users increase.
Then this customer do not like manually work of assigning users to individually machines. So I hoped that Auto domain would help me in this process of automatically assigning them to the machine.
I do beleieve this should be solvable but need to be tested of cource.
Regarding Tech experts on EEPC and Scripting Autodomain we have lack on theese here in Norway /Nordics..... Any suggestions who could be assisting here. Also Performance tuning assistance would be helpful.
you can get the performance instructions from your McAfee people, though it is documented in the EEM Administrator guide.
Seeing as all your users will already be created in EEM, AutoD won't have to create anyone, so won't need to ask the user for their password.
So yes, it will do all the assignment work for you.