Reference Guide
Manage Policies
144
Choose a key to indicate who can
access files encrypted by
Application Data Encryption List,
and where.
More...
Common for these files to be
accessible to all managed users on
the computer where they were
created (the same level of access
as Common Encrypted Folders),
and encrypted with the Common
encryption algorithm.
User for these files to be acc
essible
only to the user who created
them, only on the computer where
they were created (the same level
of access as User Encrypted
Folders), and encrypted with the
user encryption algorithm.
User Roaming for these files to be
accessible only to the user who
created them, on any encrypted
Windows computer, and
encrypted with the User
encryption algorithm.
Changes to this policy do not affect
files already encrypted because of
this policy.
SDE Encryption Enabled Not Selected
If this policy is not selected, SDE
encryption is disabled, regardless
of other policy values. Selected
means that all data not encrypted
by other Intelligent Encryption
policies are encrypted per the SDE
Encryption Rules policy. Changing
the value of this policy requires a
reboot.
SDE Encryption Rules
String
F#:\
-^%ENV:SYSTEMDRIVE%\System Volume Information
-
^%ENV:SYSTEMROOT%\;dll.exe.sys.ocx.man.cat.manifest.policy
-^%ENV:SYSTEMROOT%\System32
-^%ENV:SYSTEMROOT%\SysWow64
-^%ENV:SYSTEMROOT%\WinSxS
-^%ENV:SYSTEMROOT%\Fonts
^3@%ENV:SYSTEMROOT%\SYSTEM32\;exe
-^3@%ENV:SYSTEMROOT%\SYSTEM32\cmd.exe;exe
-^3@%ENV:SYSTEMROOT%\SYSTEM32\autochk.exe;exe
-^3@%ENV:SYSTEMROOT%\SYSTEM32\winresume.exe;exe
-^F#:\bootmgr
-^F#:\boot
Encryption rules to be used to
encrypt/not encrypt certain drives,
directories, and folders. See
Encryption Rules for information.
SDE Encryption Rules may be
changed as appropriate for your
environment. However, these
defaults have been tested
extensively. Removing these
exclusions may result in Windows
issues, particularly after applying
patch updates.
Contact ProSupport for guidance if
you are unsure about changing the
values.