The Endpoint Encryption Users widget provides user management capability directly from the Apex Central dashboard. Use the Endpoint Encryption Users widget to add or remove Apex Central user accounts, reset passwords, change permissions, configure policy group priority, import from Active Directory, and search for specific user accounts.
users-widget.jpg
Item
Description
Show
Select which users to display: all users in the Enterprise, or users in a specific policy.
Search (mag-arrow-devices.png)
Click the mag-arrow-devices.png icon to filter which Apex Central users appear in the table. Use the search field to specify parameters to search against.
Settings (widget-actions-icon.png)
Right-click a user
Click the widget-actions-icon.png icon to view user attributes or to perform actions on any selected user.
Add users (add-user-widget.png)
Click the add-user-widget.png icon to add individual users, import users from a CSV file, or import users from Active Directory LDAP.
Number of users
View the total number of users in the entire Enterprise, selected policy, or specified search.
Related information
The following table explains the options available under the settings icon.

User Settings Options

Option
Description
Change password
Specify a new password for users using the Fixed password authentication type. The widget does not support changing passwords for the Domain authentication type.
Delete user
Removes the selected user.
Modify user
Update the properties of the selected user. The following properties can be modified:
  • User name
  • First name
  • Last name
  • Employee ID
  • Email address
  • Freeze
  • User type
  • One policy
  • Authentication method
List policies
Displays the policies where the selected user is a member.
If the Allow Install column for the selected user is Yes, then the option to allow or disallow the installation of selected policies, as well as selecting which policies should be given first priority is enabled.

Add New User Options

The following table explains the options available when adding a new Apex Central user.

Add New User Options

Option
Description
User name
Specify the account user name that the user uses to authenticate.
First name
Specify the user's first name.
Last name
Specify the user's last name.
Employee ID
Specify the user's employee ID (optional).
Email address
Specify user's email address (optional).
Freeze
Select Yes to temporarily lock the account. A locked account cannot log on to Apex Central devices.
User type
Select User, Authenticator, or Administrator.
One group
Select Yes to only allow the user to belong to one policy at a time. The user may not be added to any other policy groups.
If you set this option to Yes and set the User type to Authenticator or Administrator, the user will be a group authenticator or group administrator respectively.
Authentication method
Select the authentication method available to the user.

Policy Membership

The following table explains how to understand Apex Central user policy membership.
Note
Note
Encryption Management for Apple FileVault and Encryption Management for Microsoft BitLocker do not require authentication and are not affected by authentication policies. Client, login, password, and authentication policies, or allowing the user to uninstall the Security Agent software only affects the Full Disk Encryption and File Encryption agents.
Header
Example
Description
Priority
1, 2. 3
Shows the order that Apex Central applies policies. When a policy is triggered that affects a user, Apex Central performs the action, and then no other policies affect the user for that event.
Policy Name
GP1
Shows the name of all policies that the user is currently assigned.
Description
Temporary employees policy.
Shows the description of the policy.
Allow Install
Yes, No
Shows whether the user can install new devices.

Importing Users from a CSV File

Note
Note
Importing users from a CSV file is supported only for users using fixed password authentication.
Format each line in the CSV file as follows:
<User ID (required)>, <first name>, <last name>, <employee ID>, <email address>
For fields with no data, use a comma as a placeholder. The following is an example CSV entry:
example_id, name,,, name@example.com

Procedure

  1. From the Endpoint Encryption Users widget, click Add User and then select Import Users from a File.
    The Import Users from a File screen appears.
  2. Click Choose File to select the CSV file.
    The Open CSV File window appears.
  3. Select the file and then click Open.
  4. Click Add.
    The users in the CSV file are imported.

Importing Active Directory Users

PolicyServer maintains a user directory separate from the Active Directory database. This allows PolicyServer absolute security over access to all Apex Central devices, user rights, and authentication methods.
Use the Endpoint Encryption Users widget in Apex Central to import Active Directory users.

Procedure

  1. Log on to Apex Central.
  2. Go to the Endpoint Encryption Users widget.
  3. Click the add-user-widget.png icon.
  4. Select Import Users from Active Directory.
    The Import Users from Active Directory screen appears.
    users-import-from-ad.jpg
  5. Specify your credentials for the Active Directory LDAP server.
    Note
    Note
    For Port, the value 0 specifies the default port. The default port is 389.
  6. Click Next.
  7. Wait for the specified Active Directory domain to populate.
    The Active Directory tree for the specified domain appears in the left pane.
    users-import-ad-sele.jpg
  8. From the left pane, use the navigation tree to select the container from which to add users.
    The available users populate in the right pane.
  9. Do one of the following:
    • Select individual users, then click Import Selected Users.
    • Click Import Everyone in this Container.
  10. Click OK to add the users to the specified location.
    A confirmation window appears.
  11. Click OK to confirm.
    An import status message displays.
  12. Click Close to finish, or repeat the procedure to select more users to import.