it will do a logon when something tries to access encrypted data, so it all depends on what the user is doing?
If the user is trying to access a file, or browse an encrypted location, it will keep trying to get a login until the user (or whatever) stops trying to access the file.
You have to logon before any data can be accessed, even if it's just explorer browsing the files.
Thanks for quick reply.
If the machine is encrypted with Endpoint Encryption for PC (whole C drive is encrypted), would that make the EEFF try to authenticate as well?
Reason why I am asking is that I need to know at what point the authentication happens, as we will have users that should not have any logon prompt to the Safeboot database/server, but just use the default policy that comes with the install set (client). This would mainly to use the Self-Extractor functionality and not the encrypted file/folder option (as this will required encryption key).
Also these machines will not have any EEPC installed, nor hard drives encrypted. Would this be a possiblity and if so, what should I set the settings to?
no, eeff only pays attention to files. eepc only to sectors.
any centrally managed key will cause an EEFF auth after a key unload - so any central recovery key for example set for EEFF removable media. Any centrally managed key, or key related to a specific user etc.
Is there ANY way of not having an initial login prompt for users with only EEFF installed? If so what are the setting required?
Thanks in advance
turn off the load keys on logon option, then you won't get authentication until the first time something tries to access encrypted data.
but, of course, if there's something on the desktop, or some application tries to open a file, you'll get the prompt soon enough. Your platinum support person can help you with the exact settings.
I refreshed this because I have a problem with authentication after logon. I disabled " Load keys on logon" in policy but after logon EEFF client still want to synchronize with the server. I have no idea where is the problem and whot should I do.
I don't want to authenticate after every logon/restart
most likely you have an encrypted file on your desktop, or you didnt actually disable the option.
remember, if you are not using user-assigned policies, then the default one (the one you created the install set with) always applies, and never changes.
I made several tests and ...
I'm not sure if we understood good. I don't want to authenticate to EEFF after logon to Windows system ( domain ). I have a user who has policy with option "Load keys .." disabled. This option only give loading or not all keys after logon to EE server possibility ( SSO) . If policy contain access to several folders which use 2 or more keys then I need 2 or more authentication with this option disabled. It doesn't affect to authentication dialog after logon to Windows system. It works in my environment in this way.
Also I have other problem . When I cancel authentication then I can't access to ecrypting files in this Windows session. When I try to open those files I can't and I don't get any authentication dialog box! I must logoff ang logon again to access files. Opiton " Unload all keys ... " not help me.
Other observation: when computer is not connected to the network the authetication dialog not appear at logon. It looks like EEFF client discover EE server at logon.
Ok, some tests more and ...
I have encrypting folder on the file Server this folder is shared. when user logon to the domain this folder is mapped and then EEFF client check that folder is accessible and authentication dialog box appear ... Other user doesn't access to this folder and authentication not appear. Very strange for me . Why EEFF client checks accessibility on logon ? It should check it when I try to open file or folder.
when I cancel authentication on logon I still haven't possibility to access files in this session. I have to re-logon. Also very strange.
Is this features are correct ? Can someone to confirm interchangeably it?