This content has been marked as final. Show 7 replies
check all the boxes. You can't just use one of them.
Then what's the point of having the individual boxes?
Also, I want my SafeBoot password to sync/become my AD password, when I check all the options, it happens the other way around--I enter my SafeBoot Password, and it logs me straight into windows.
we never change the AD password. Your only option is to sync the EEPC password to AD.
as for why there are lots of options - compatibility etc. It's always best to start with them all ticked though.
Right, I understand that the AD password is not being changed, but the option "Set Endpoint Encryption password to Windows Password" leads me to believe that I can make the EEPC password sync with my AD passwords. That is what I want. At the EEPC login, I want my users entering their AD password and then logging straight into the OS...does that make sense?
yes, and that's how it works.
when the user does a change password in AD, that change will get reflected into EEPC. IF EEPC accepts it (and that's a big IF depending on your password rules), then the pre-boot password will change to the new AD password. You'll see that reflected in the next sync event (local > db password movement).
Great, thanks for the info.
Sorry to belabor the point, but how does SafeBoot capture the Change Password event in AD? We employ an online directory service tool to make sure that when a user changes his/her password, it gets changed in all systems...thus, the Change Password event is not initiated from the machine--does that matter?
Thanks so much for all the info.
yes it matters a lot - we act as a network provider on the users machine, so if they don't change it on that node then we won't know it happens.
you could probably use our API with your custom application though to integrate at the back end. It supports ASP and COM so if you have some programming experience you could probably create something - other people have done such in the past.