The Sophos Community will be unavailable from 13:00 to 18:00 UTC this Saturday, October 1st for upgrades. Stay tuned to our Twitter account @SophosSupport for updates.
Issue The 'User is allowed to create a local key' policy object is grayed out and cannot be configured.
Known to apply to the following Sophos product(s) and version(s) SafeGuard Management Center / Local Policy Editor
This setting is a machine setting, and therefore must be defined at the top level of all possible encrypted drives. This means that the policy needs to be set to "File based encryption" for "Local Storage Devices" After that, the setting will no longer be greyed out and can be configured. Note: File Based encryption policies that are defined for boot volumes will have no effect with regards to the encryption status. This means that the "User is allowed to create local key" setting will be applied but no file based encryption for that device will be started.
File based encryption
Local Storage Devices
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.