The following procedure explains the configurable options for policy rules affecting authentication and Endpoint Encryption user accounts.
See Creating a Policy.
The Users policy rules settings appear.
Active Directory (AD) synchronization requires PolicyServer to have three enabled components:
Configure the AD domain.
Configure the policy group to point to the proper Organizational Unit (OU).
Configure the policy group with appropriate credentials to access the AD domain that matches the policy group's "Distinguished Name".
Select All Endpoint Encryption users to allow all users, domain and local accounts, to authenticate Endpoint Encryption devices.
Select Select specific users to specify which already added Endpoint Encryption users can authenticate to managed endpoints.
Policy rules only affect existing user accounts. Before configuring policies, add new users with the Endpoint Encryption Users Widget.