The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Issue The 'User is allowed to create a local key' policy object is grayed out and cannot be configured.
Known to apply to the following Sophos product(s) and version(s) SafeGuard Management Center / Local Policy Editor
This setting is a machine setting, and therefore must be defined at the top level of all possible encrypted drives. This means that the policy needs to be set to "File based encryption" for "Local Storage Devices" After that, the setting will no longer be greyed out and can be configured. Note: File Based encryption policies that are defined for boot volumes will have no effect with regards to the encryption status. This means that the "User is allowed to create local key" setting will be applied but no file based encryption for that device will be started.
File based encryption
Local Storage Devices
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.