Product guide

Active Directory configuration
EEPC users are not created from the McAfee ePO server. They are assigned to the client systems from
an Active Directory (AD) registered in ePolicy Orchestrator. The McAfee ePO Server is responsible for
the connection between the client and AD.
Check that the Domain name, Username, and Server Address are in the correct format when registering the
LDAP server in McAfee ePO.
The AD users are different from EEPC users:
1. A user exists in AD.
2. A user string is added as a Pre-Boot user.
3. The user string is then matched against AD to verify that it exists.
4. The user string is used to log on to Pre-Boot.
5. If the correct SSO options are selected, the user string is compared (string comparison similar to Java
String.matches()).
The end user perceives that he is logging on only once using a single user; however, the underlying
mechanism still uses two different users: one to log on at Pre-Boot and another to log on to Active Directory.
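The comparison in step 5 is described only as "similar to Java String.matches()". Java's matches() treats its argument as a regular expression and requires it to cover the whole candidate string, so as an added illustration (not McAfee code, and assuming the comparison really has those semantics) the following emulates that behaviour with Python's re.fullmatch and shows how a Pre-Boot user string maps onto a constructed list of AD account names:

```python
import re
from typing import List


def java_matches(candidate: str, pattern: str) -> bool:
    """Emulate Java's String.matches(): the pattern must match the entire candidate.

    Python's re.fullmatch anchors at both ends, which is what distinguishes
    matches() from a substring search. Python and Java regex dialects differ in
    corners, so this is an approximation of the described behaviour.
    """
    return re.fullmatch(pattern, candidate) is not None


def resolve_sso_user(preboot_user: str, ad_accounts: List[str]) -> List[str]:
    """Return every AD account the Pre-Boot user string would match under matches() semantics."""
    return [account for account in ad_accounts if java_matches(account, preboot_user)]


def resolve_sso_user_literal(preboot_user: str, ad_accounts: List[str]) -> List[str]:
    """Same lookup, but with regex metacharacters in the user string escaped.

    This is how you would compare if the Pre-Boot string is meant as a literal
    account name rather than a pattern.
    """
    return resolve_sso_user(re.escape(preboot_user), ad_accounts)


# Constructed sample AD account names (sAMAccountName-style); not from any real directory.
SAMPLE_AD_ACCOUNTS = ["jsmith", "jsmith2", "j.smith", "jxsmith"]

if __name__ == "__main__":
    for user in ["jsmith", "smith", "j.smith"]:
        print(f"{user!r:12} pattern  -> {resolve_sso_user(user, SAMPLE_AD_ACCOUNTS)}")
        print(f"{user!r:12} literal  -> {resolve_sso_user_literal(user, SAMPLE_AD_ACCOUNTS)}")
```

Two things fall out of the full-match rule: a partial name such as "smith" matches no account (matches() is not a substring search), and a dot in a Pre-Boot user string such as "j.smith" acts as a wildcard, so it also matches "jxsmith" unless the string is escaped first. When auditing Pre-Boot user strings, check for regex metacharacters for exactly this reason.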
Figure 3-1 Register Active Directory
It is better to enter the IP address of the domain server in the Server name field than its domain name,
because DNS failures, or canonical DNS servers that fail to resolve the LDAP server(s) for the domain, can
cause problems.
There could be instances when Test Connection succeeds even though the domain name and the username
were not entered in the correct format; however, the error can still hinder EEPC activation. One potential
outcome is that the logon to the LDAP server works during the test because DNS resolves to LDAP_A, but
when the task runs DNS resolves to LDAP_B and the logon fails. Another is that the test logon happens
against an LDAP server containing the full copy of the AD structure, while a later resolution points to a
newly added server that contains only a subset of the AD structure.
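The guide asks for the Domain name, Username and Server Address to be in the correct format and recommends an IP literal over a hostname because successive DNS lookups can land on different LDAP servers. The following pre-flight check, added here as an example and not part of McAfee's product or the guide, encodes those rules: it rejects a bare NetBIOS name as the domain, accepts only NETBIOS\user or user@domain.tld logon names (using the sAMAccountName character and length restrictions), warns when the server field is a hostname rather than an IP address, and, given a captured set of DNS answers, flags a hostname that resolves to more than one address. All sample values and the DNS answer set are constructed.

```python
"""Pre-flight checks for an ePO LDAP server registration (added example, not McAfee code)."""
import ipaddress
import re
from typing import Dict, List, NamedTuple, Optional


class Finding(NamedTuple):
    severity: str   # "error" should block the registration, "warning" is advice
    code: str
    message: str


# Fully qualified DNS name: labels of 1-63 chars, no leading/trailing hyphen,
# at least one dot, so a bare NetBIOS name such as "CORP" is rejected.
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)(?:(?!-)[A-Za-z0-9-]{1,63}(?<!-)\.)+(?!-)[A-Za-z0-9-]{1,63}(?<!-)$"
)
# sAMAccountName: at most 20 characters, none of  " / \ [ ] : ; | = , + * ? < >  or whitespace.
SAM_RE = r'[^"/\\\[\]:;|=,+*?<>\s]{1,20}'
# Accepted logon formats: NETBIOS\user (NetBIOS name up to 15 chars) or user@fqdn (simplified UPN).
DOMAIN_USER_RE = re.compile(r"^[A-Za-z0-9._-]{1,15}\\" + SAM_RE + r"$")
UPN_RE = re.compile(r"^" + SAM_RE + r"@(?:[A-Za-z0-9-]{1,63}\.)+[A-Za-z]{2,63}$")


def check_domain(domain: str) -> List[Finding]:
    if FQDN_RE.match(domain):
        return []
    return [Finding("error", "DOMAIN_FORMAT",
                    f"domain {domain!r} is not a fully qualified DNS name (e.g. corp.example.com)")]


def check_username(username: str) -> List[Finding]:
    if DOMAIN_USER_RE.match(username) or UPN_RE.match(username):
        return []
    return [Finding("error", "USERNAME_FORMAT",
                    f"username {username!r} must be NETBIOS\\user or user@domain.tld")]


def check_server(server: str) -> List[Finding]:
    # An IP literal is preferred: a hostname that resolves to several domain
    # controllers can point at a different server on each lookup.
    try:
        ipaddress.ip_address(server)
        return []
    except ValueError:
        pass
    if FQDN_RE.match(server):
        return [Finding("warning", "SERVER_NOT_IP",
                        f"server {server!r} is a hostname; an IP address avoids DNS resolution drift")]
    return [Finding("error", "SERVER_FORMAT",
                    f"server {server!r} is neither an IP address nor a fully qualified DNS name")]


def check_resolution(server: str, answers: Dict[str, List[str]]) -> List[Finding]:
    # 'answers' maps a hostname to the addresses a lookup returned (captured or constructed).
    addrs = answers.get(server, [])
    if len(addrs) > 1:
        return [Finding("warning", "DNS_MULTIPLE_ADDRESSES",
                        f"{server} resolves to {len(addrs)} addresses ({', '.join(addrs)}); "
                        "Test Connection and the activation task may reach different LDAP servers")]
    return []


def validate(reg: Dict[str, str],
             dns_answers: Optional[Dict[str, List[str]]] = None) -> List[Finding]:
    """Run all checks over a registration dict with keys domain, username and server."""
    findings = (check_domain(reg["domain"]) + check_username(reg["username"])
                + check_server(reg["server"]))
    if dns_answers is not None:
        findings += check_resolution(reg["server"], dns_answers)
    return findings


def codes(findings: List[Finding], severity: Optional[str] = None) -> List[str]:
    """Finding codes, optionally filtered by severity, in the order they were produced."""
    return [f.code for f in findings if severity is None or f.severity == severity]


# Constructed sample registration and DNS answer set; not real infrastructure.
SAMPLE_REGISTRATION = {"domain": "corp.example.com",
                       "username": "CORP\\svc-epo-ldap",
                       "server": "ldap.corp.example.com"}
SAMPLE_DNS = {"ldap.corp.example.com": ["10.0.0.11", "10.0.0.12"]}

if __name__ == "__main__":
    for f in validate(SAMPLE_REGISTRATION, SAMPLE_DNS):
        print(f"{f.severity.upper():7} {f.code}: {f.message}")
```

Run against the sample registration, the checker produces no errors but two warnings: the server is a hostname, and that hostname has two A records, which is precisely the LDAP_A/LDAP_B situation the guide describes. Replacing the hostname with one of the resolved addresses clears both warnings.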
3
Software configuration and policies
Active Directory configuration
14
McAfee Endpoint Encryption for PC 6.2 Software Best Practices Guide