10.0 Managing PBA User Accounts

You can use the Full Disk Encryption Agent to add or delete user accounts for ZENworks Pre-Boot Authentication (PBA). PBA user accounts you add exist only on the device; they are not added to the Disk Encryption policy. In addition, if the Remove existing users from PBA if not in this list option is enabled in the Disk Encryption policy, the added user is removed after the next login.

You can also use ZENworks Control Center to add PBA users on a device. For information, see Manually Adding Users in the ZENworks 11 SP4 Full Disk Encryption PBA Reference.

  1. Make sure you know the FDE Admin password for the policy that is assigned to the device.

    To add or remove a PBA user account, you must know the FDE Admin password for the policy assigned to the device, or you must know the ZENworks Adaptive Agent override password or key. For more information about passwords, see Section B.0, Administrator Passwords.

  2. On the device, double-click the icon in the notification area, then click Full Disk Encryption.

  3. In the Full Disk Encryption Agent Actions section, click About to display the About dialog box.

  4. Click the Commands button.

  5. Supply the password, then click OK to display the Commands dialog box.

  6. Click the Add/Delete PBA User button.

  7. Provide the username, password, and domain of the user you want to add or delete.

    If the user is not part of a Windows domain, specify the computer name instead.

  8. (Conditional) If you want to delete the user, select the Check to Delete User box.

  9. Click OK to add or delete the user.

    You can verify the change by viewing the agent status and looking at the PBA User List (see Viewing the Agent Status).