cancel
Showing results for 
Search instead for 
Did you mean: 
anded
Level 7
Report Inappropriate Content
Message 1 of 10

AD Password Sync

We are in the process of rolling out Safeboot to all our laptop users! So far we've had no major problems, we've setup the safeboot connection manager, so that our AD and Safeboot password sync. So that, when we install the software onto a laptop

The user logins with the defaul password '12345'
Then the user is prompt to login again using '12345'
as this is not their network password they are asked to login again, using the network password

Once they've logged in the safeboot and network password are the same. So the next time they login the safeboot password is their network password.

We have a user whose followed the same login procedure as everyone else, but when they restart their laptop they are unable to login using the safeboot password or the AD password?
9 Replies

RE: AD Password Sync

reset the password
Highlighted
colyewg
Level 7
Report Inappropriate Content
Message 3 of 10

RE: AD Password Sync

Also ensure the user account is not locked out, perhaps during your AD sync or due to exceeding the number of attempts to enter the correct password. Otherwise, reset the password/token as necessary.
anded
Level 7
Report Inappropriate Content
Message 4 of 10

RE: AD Password Sync

We've checked that the account is not locked, it just does'nt accept the password.

what strange is that if you login as another safeboot user and get to the network login screen (as we don't have single sign on turn 'on') you can login as the user with the network password.

We've reset the password to that it does'nt contain the same special characters '£' in the user case and it logins in fine?

It's seems to be that the boot protection part of safeboot does'nt like this character ? as we've had other user using special character and they don't have any problems login.

So when we set a user up, we are asking them to change their passwords if they have a £ in it!

It just get stranger and stranger.
colyewg
Level 7
Report Inappropriate Content
Message 5 of 10

RE: AD Password Sync

That is strange, we've not encountered that ourselves and of our 1300 user I'm sure someone would have a few special characters being used. Then again I've not tried special characters myself but perhaps our server team actually have a policy set restricting use of them on AD and we wouldn't see it happen.

Have you tried typing the £ sign into the username box to ensure it's being entered properly and SafeBoot is not enforcing a different keyboard layout, or that the function facility on the keyboard is returning the right character?
wide_
Level 7
Report Inappropriate Content
Message 6 of 10

RE: AD Password Sync

Anded I've had the same issue. It's hard to comprehend without seeing it yourself..

I ended up resetting the machine to group config, recreating the user account and resetting both safeboot and AD passwords then synching.

Seems to have resoved the issue. It does seem to happen to about 1 in every 100 user accounts that I've seen.
anded
Level 7
Report Inappropriate Content
Message 7 of 10

RE: AD Password Sync

Thanks for the replies,

I'll give them and ago and see what happens. We've encrypted another 20 today and no problems so it look's like it might be a 1 off
anded
Level 7
Report Inappropriate Content
Message 8 of 10

RE: AD Password Sync

The keyboard layout is the problem, when you type £ into the username you get a #, so obviously the password will never work! and on the same point, if some else logs in then they login the keyboard layout is the xp default so £ work!


Thanks for the help, just need to see about changing the keyboard layout ? for the boot part of safeboot
Reliable Contributor SafeBoot
Reliable Contributor
Report Inappropriate Content
Message 9 of 10

RE: AD Password Sync

you should see the selected layout at the bottom of the screen?

to change it, just cancel login, click options and then options - then you can pick from the list of installed keyboards.

the client will try to pick the pre-boot language and keyboard from the list of available ones ON ACTIVATION, but after the pre-boots there, it won't do the auto selection again.

also, by default, if you add a new language AFTER activation, it assumes you want ot use that language immediatly and will make it active, ignoring previous settings.
wide_
Level 7
Report Inappropriate Content
Message 10 of 10

RE: AD Password Sync



I did actually consider that as a possibility too as the user had a non-standard keyboard to all other users, but it rectified itself after a group config reset. happy
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community