The information in this section assumes that you are on the Configure Disk Encryption - Admin Password and Encryption Initialization page of the Create New Disk Encryption Policy wizard. If you are not, see Creating a Policy for instructions about how to get there.
The Administrator password enables access to the Administrator options in the Full Disk Encryption Agent. These options help you see the current status of the agent and view the assigned Disk Encryption policy, as well as troubleshoot problems with the agent or policy.
To set the password, click, specify the password, then click .
If you ever need to allow a user to access the Administrator options, we recommend that you use the Password Key Generator utility to generate a password key. The key, which is based on the FDE Admin password, functions the same as the FDE Admin password but can be tied to a single device or user and can have a usage or time limit.
The Password Key Generator utility is accessible under thelist in the left navigation pane.
When the Disk Encryption policy is applied to a device, the device’s disks cannot be encrypted until the device reboots and loads the Full Disk Encryption Agent’s encryption drivers.
Reboot Behavior: Select one of the following:
Force device to reboot immediately: Reboots the device immediately after the Disk Encryption policy is applied.
Do not reboot device: Does not force a reboot after the Disk Encryption policy is applied. The user must initiate a reboot before disk encryption can occur.
Force device to reboot within XX minutes: Reboots the device within the specified number of minutes after the Disk Encryption policy is applied. Providing a reboot delay can give the user time to save work prior to the reboot. The default delay is 5 minutes.
Display predefined message to user before rebooting: If you selected theoption or the option, you can display a message to the user. The option does not support a message.
Select this option to display the following message:
ZFDE Policy Enforcement
Your ZENworks Administrator has assigned a Disk Encryption policy to your computer. To enforce the policy, your computer must be rebooted.
Override predefined message with custom message: This option is available only after you select theoption. It lets you override the predefined message with your own custom message. Select the option, then specify a title for the message window and the text to include in the message body.
We strongly recommend that you run Windows CheckDisk with Repair during the reboot. The disk check and repair is performed on the system volume (C: drive), ensuring that system and partition records are error-free prior to encrypting the target volumes.
This option is selected by default. If you are sure that the target volumes are in perfect condition (for example, the disks are new), you can select theoption.
NOTE:This setting does not apply to Windows XP. On Windows XP, CheckDisk is run if it is needed regardless of the setting.