|SafeGuard Full Disk Encryption / Service Account Lists for Windows logon|
There are different methods for specifying users in service account lists using the two fields User Name and Domain Name. Restrictions also apply for valid input in these fields.
The two separate fields User Name and Domain Name per list entry allow you to cover all available combinations for logging on, for example "user@domain" or "domain\user".
To handle several user name/domain name combinations, you can use asterisks (*) as wildcards. An asterisk is allowed as the first sign, the last sign and the only sign.
User Name: Administrator
Domain Name: *
This combination specifies all users with the user name "Administrator" who log on to any network or local machine.
The predefined domain name [LOCALHOST] available in the drop-down list of the Domain Name field stands for the logon on any local computer.
User Name: "*admin"
Domain Name: [LOCALHOST]
This combination specifies all users whose user names end on "admin" and who log on to any local machine.
Users may log on in different ways.
user: test, domain: mycompany or
user: test, domain: mycompany.com.
As domain specifications in the service account lists are not automatically resolved, there are three possible ways to specify the domain correctly:
You know exactly how the user is going to log on and enter the domain accordingly.
You create several service account list entries.
You use wildcards to cover all the different cases (user: test, domain: mycompany*).
Asterisks are only allowed as the first sign, the last sign and the only sign. Following are examples for valid and invalid strings using asterisks:
Valid strings include admin*, *, *strator, *minis*.
Invalid strings include **, Admin*trator, Ad*minst*.
In addition, the following restrictions apply:
The character ? is not allowed in user logon names.
The characters / \ [ ] : ; | = , + * ? < > " are not allowed in domain names.