I've been tasked with putting right a McAfee Endpoint Encryption (Version 5.2.10) configuration for one of our neighbours in our organisation. Sadly they have added their whole Active Directory user group to all their systems so have about 6000 user objects in each system database! As you can problably imaging, they are having one or two issues which are affecting the rest of us! What I need to do is find a quick way of finding which users actually logon to which systems encryption. Is there any way I can use the reporting tool to find out what users actually logon to what system?
You could dump the logon event for the entire machine population, then massage it to get a list of who logs on there.
Others have written scripts which remove all users who don't have a matching cached profile from ad. That tends to give the same result.