I am still searching McAfee forums, but does anyone here use McAfee ePO and use a GPO to minimize cached credentials? Our laptops have a cached logon setting of 1 (and have for over a year) and recently (last 2 months only) they are getting locked out, and troubleshooting has it looking like the ePO agent on the system is doing it - viewing security logs it shows a logon type of 2 which is an interactive logon as you'd expect to see if one is sitting at the keyboard. A shared network logon type is 3 and an RDP one is 10, but many (if not all) of our McAfee managed systems have entries for the logon type of 2 for our anti-virus service account.
I recently patched our ePO server with ePO updates but am not finding any specific documentation about the agent needing interactive logon. The documentation DOES mention "impersonal a client after logon" but I am not sure it's the same thing. I need to know if this is truly the issue before seeing the cached logon to 2 logons remembered... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
