Anybody? Is this possible anyway?
I assume the CIO isn't logged into mutilple machines without logging off?
Since the rule is applied to the user logged into the machine and not the machine itself, the rules you are trying to setup just need to follow these guidelines.
Block everything - Include Everyone, exclude CIO, exclude domain admins
Block everything, exclude Blackberry device ID - Include CIO
Hope that helps
the CIO only was an example... Some other users are indeed logged into multiple machines, specifically my project managers (and they also use BBs).
Your rules are defined on a general basis, I think, means are not pinned do specific machines? If so this yould be a solution to allow the BB on all machines, I think. Isn´t it?
I´ll try anyway...
PS: our CIO also did log on on multiple machines yet ;-)
Under assigned user, you can create a special user group by pulling the users from Domain. Then, create a device rule to use such user group, then assign the rule to the computer or group of computers. It can be done. However, the hard part is when you try to create the user group, you have to browse Domain to locate the users. That will be very time consuming. I did that at Lab wjhere I have Domain with less than 50 accounts. EPO server is join Domain and the user account to manage ePO/DLP policy has Domain Admin right.