Creating rules for drives

Please do the following:

1. Once you have selected the Create rule option, a wizard appears.

2. On the Properties tab, enter a rule name and select the rule type. It determines the basic behavior of the rule:

   • Allow for specific users or computers: this unlocks the drives for selected users on selected computers.

   • Allow for all: This will unlock the drives for all users on all computers.

   • Deny for all: This locks the drives for all users on all computers.

3. The drives for the new rule are listed on the List of drives tab. A warning appears if there are already rules for the drives. If you add only one drive to the rule, you can edit the drive's properties and enter a comment. The drive properties support wildcards (*, ?), so you can specify a range of serial numbers, for example.

4. On the Permissions tab, you can choose users and groups from the AD inventory and add them to the rule. Permissions for reading, writing and executing can also be configured here. When you select computers, you can include computers and groups from the AD inventory and DriveLock groups.

5. On the Options tab, you can configure the following options:

   • User must accept usage policy: A drive may not be accessed until the user confirms reading a usage policy.

   • Require drive to be encrypted

   • Automatically encrypt unencrypted drives

     Please note that encryption and recovery must be configured in a different policy for enforced encryption. For more information on encryption, see the Encryption documentation at DriveLock Online Help.