cancel
Showing results for 
Search instead for 
Did you mean: 

SSO and Password expiration on Vista

We seem to have an issue with EndPoint Single Sign On on Windows Vista. Password syncing/SSO all seems to be working fine but we have a problem when a user's password has expired.

On a standard Windows Vista build without EndPoint installed we get the following prompt when logging on to a PC where the users domain password expired:

"Your Password has expired and must be changed." By clicking on OK we get the standard Vista change password screen where we enter a new password and confirm and then proceed to login.

However on a Vista build with EndPoint installed we receive a different prompt:

"Logon Failure: The specified account password has expired". When we click OK we are presented with the McAfee EndPoint SSO credentials Dialogue box to provide single sign on credentials. Crucially we do not get the option to set a new password?

I cannot understand why we are receiving two different prompts and not being given the opportunity to set a new password on an EndPoint encrypted PC?

We have all the Windows Logon options configured on the server, prior to the password expiring the PBA and Windows passwords are in sync and single sign on is working as expected.
18 Replies
Makke
Level 7
Report Inappropriate Content
Message 2 of 19

RE: SSO and Password expiration on Vista

Hi,

We're experiencing the same problem.

We are using pre-boot and SSO on our Windows Vista workstations. We concluded that if the Windows password expires when the user is logged in and working, this is synched to pre-boot and on the next reboot, we have to recover the user in preboot and reset the password in Active Directory.

We're now looking into forcing the user to change their password before it expires. We're also looking into logging a case at McAfee support about this issue.

If we have a solution or think of something, I'll let you know.

Mark

RE: SSO and Password expiration on Vista

Hi Mark thanks for the reply and I'm glad to hear its not just us that have experienced this issue!

Would be handy to get McAfee support reply to this post to confirm if this is a known issue?
Makke
Level 7
Report Inappropriate Content
Message 4 of 19

RE: SSO and Password expiration on Vista

It would be handy yes, but if I understand the banner of this subforum correctly, they don't.

 

These products are NOT officially supported by McAfee Technical Support here.

RE: SSO and Password expiration on Vista

What version of EndPoint are you on? We are a couple of versions behind and was hoping that this has maybe been fixed in new 5701? Although the release notes for 5600 or 5701 do not mention any SSO updates.
Makke
Level 7
Report Inappropriate Content
Message 6 of 19

RE: SSO and Password expiration on Vista

We are on 5600 now.

RE: SSO and Password expiration on Vista

Just setup a test environment with 5701 and a Vanilla Vista build and we get the same problem. Definitely seems to be an bug in the software. I'm surprised this has not been picked up and resolved considering how long Vista has been out now. I think we will need to raise a support call for this too. Thanks for your help.
Makke
Level 7
Report Inappropriate Content
Message 8 of 19

RE: SSO and Password expiration on Vista

You're welcome.

Please let me know how this turned out for you. I'll do so too.
Makke
Level 7
Report Inappropriate Content
Message 9 of 19

RE: SSO and Password expiration on Vista

Hi,

It looks we've encountered a bug in the software. We've been informed a fix is developed.

I'll return back when I know more.

Mark

RE: SSO and Password expiration on Vista

Hi Makke,

Yes we have a call raised too, they have confirmed the bug but we have not yet been told that a fix has been created or when its likely to be created.

Keep us informed.

Thanks.