Running Symantec Encryption Server 3.4.1 (Build 490). We currently have LDAP and Silent Enrollment enabled so once the client is installed, the end user logs into Windows and machine is auto-enrolled. I have a couple of questions:
1. We have tellers at our bank who may go from one machine to another from time to time and this will pose a challenge to them if they have not logged into the machine. Our plan is to have the end users log off the machines where possible. In the event the machine has restarted and they need access for the first time they will have to use WDRT recovery by calling our service desk.
2. Is there a way of provisioning end users to machines so they are not forced to log in to enroll? I see other products such as McAfee Encryption allows for these features. Seems like this is a limitation to Symantec Encryption itself.