We have a user that is having trouble with their safeboot password.
We have reset it remotely using the client code, but when the laptop is restarted it says the password is incorrect. We reset password again, reboot the laptop , and it again tells us the password is incorrect.
It's as though its not writing the new password into the system.
what does the client log say is happening to the token? Is it moving from the db to the client, or the other way around?
If it's moving the wrong way, probably someone had a bad time on their machine and you're not using time sync on the client and admin - check the times (and zones), then recreate the token for the user.