We pre-create Laptop2 on EEM and assigned User1 and AdminGroup1
Install EEPC 5.1.6 on Laptop2, User1 cannot login. Any member of AdminGroup1 can however login.
Our fix has been to remove all users, sync, add user and sync.
This seems simple, the problem is that when User1 fails to login on Laptop2 after too many tries, he invalidates his token, which now fails on Laptop1 and unless we work with the user and both laptops at the same time, they fall into a cycle of locking out their token.
Problem stems from the fact that pre-boot works with cached credentials. Those are obtained after SUCCESSFUL sync with EE server.
I think that major source of above trouble is user ability to change password offline (i.e. without talking to the EE server first). I would call it a design flaw.
So depending on sequence of events (on multiple computers) various situations occur. Also, sync seems to update user object in database, based on password change event, regardless when that change occured.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.