Configuring Endpoint Encryption Users Rules

The following procedure explains the configurable options for policy rules affecting authentication and Endpoint Encryption user accounts.

  1. Create a new Endpoint Encryption policy.

    See Creating a Policy.

  2. Click Users.

    The Users policy rules settings appear.

    Figure 1. Endpoint Encryption Users Policy Rules
  3. Under Domain User Settings, select Enable domain authentication to specify whether users require domain authentication.

    Active Directory (AD) synchronization requires PolicyServer to have three enabled components:

    1. Configure the AD domain.

    2. Configure the policy group to point to the proper Organizational Unit (OU).

    3. Configure the policy group with appropriate credentials to access the AD domain that matches the policy group's "Distinguished Name".

  4. Under User Management, configure user access.
    • Select All Endpoint Encryption users to allow all users, domain and local accounts, to authenticate Endpoint Encryption devices.

    • Select Select specific users to specify which already added Endpoint Encryption users can authenticate to managed endpoints.


    Policy rules only affect existing user accounts. Before configuring policies, add new users with the Endpoint Encryption Users Widget.