Can you explicitely add specific users from each domain using "Menu" -> "Data Protection" -> "Encryption Users" ?
Select System then add users browsing through "Select Users" window. Switch between domains using "Look in:" dropdown list.
Yes, I can.
I can chose and assign users from both domains.
What did you configure in Server Task for "EE LDAP Server User/Group Synchronization" in "User Name" field?
Did you also check Server Task Log for above Server Task?
I already wrote, I used "samaccountname" in "User Name" filed in synchronization task for both servers.
Both tasks complete succesfuly.
Assuming that you refreshed ePO policies from your client.
Then enable EE plugin logging in your client PC and search for assigned user names (text preceeding </name></users>).
That should give you some clues.
Logging is enabled in 32-bit Windows by this registry entry:
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee EndPoint Encryption\MfeEpeHost\Configuration]
Log file should be by default in:
C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpe.log
have you also created a user based policy for all users in the second domain?
If there is no policy assigned to them, EEPC does not know which token they are using to authenticate.
Ok, I was my fault. Users from second domain have not disebled firewall, where EEPC requires by default 8081 port to be opened on client machine for incomming connections.
Apologize for unnecesary confusion.
But one still wonder me. How to distinguish (how EEPC in PBA recoginze) user, for example when we have the same user name (samaccountname field) in both domains assigned to one machine.