We are having a very big password sync issue. Here are the detials:
- We are starting migrating to EEPC 5.2 (latest version) under WinXP
- After the instalaltion, the SSO works fine
- We then perform a change password in any way (Ctrl-Alt-Del OR when the Pwd Expiration popup appear). In any way, first we do not get the "Safeboot" confirmation popup like we had with our previous Safeboot version 4.x, second the password is not sync with SBFS, which means that when starting the machine, we have now to provide the old pwd, and SSO is broken and we have to logon in Windows using the new pwd.
Any help on where to investigate will be very helpful...
I am starting to compare our TEST environemnt where it was working until now with our PROD environment, but in the meantime, if anybody have an idea...
I already have checked a lot of things discovered in other discussions there, but without help.
Many thanks in advance.
For urgent production issues I recommend contacting McAfee support.
As for this particular problem, It would be good if you can provide: exact version of EEPC, Client communication and Audit logs with timed activities of users (when they change passwords). Also, exact client object settings (from EEM) and client PC OS versions would be helpful. Using EEM also check SSO value that is seen in database. From Windows, please list also all user accounts that are visible there.
After windows password changed, you need to wait MEE client to sync with the database, or you can sync it by yourself.
Only MEE Client that will read using SBGina on the Windows OS and then update EEM Database and also your SBFS.
if MEE client failed for whatever reason the password on the EEM database will remain the same not changed.
The EEM sync with AD does'nt actualy update password part - i'm also confuse with this part at the begining.
just to clear many people including myself not clear on this..
initially i though EEM will update the password by sync from AD as well.
infact not.. it's the MEE Client task to update that.
So the main point on updating the password to database & SBFS is depends on MEE Client..
Need to check SbClientLog.txtMessage was edited by: obelicks on 10/27/10 10:56:11 AM MYT
exactly - it has to happen on the client, because AD has no idea what your password actually is. The sync with AD is strictly a read operation - we don't publish anything back into AD.
Thank you all for your involvment.
I was finally able to fix the issue. It was a setting missing in the EEM (set EE pwd to Windows pwd !!!).
I discovered as well something different compared with Safeboot 4.x: when you change your windows pwd, there is no more the popup confifrmation saying that EEPC has changed the pwd. Can we still have this popup in EEPC ?
The popup is not present in EEPC5 - the change is silent.
Is that change in behavior (silent change) done on purpose?
That was done almost 6 years ago - Usually changes like that came as a result of user group surveys. I expect people generally just asked for a more transparent experience.