Showing results for 
Search instead for 
Did you mean: 
Level 7

Cached Password reset issues


We have EEPC 6 (just deployed and in test). A major issue we have encountered is the fact that we can not update cached passwords on encrypted laptops when connecting to the domain over an IPSEC VPN client.

The scenario:

  • User has a desktop in the office and a laptop for the road (usual in our environment).
  • AD password expires and is reset on the domain.
  • Laptop's cached password is now out of synch from the domain.
  • User logs into laptop (with EEPC enabled) using cached password from remote location.
  • User logs into VPN (Cisco VPN client)
  • User tries to access domain resource and is prompted with speech bubble "You need to lock your PC and unlock with your current password..."
  • User locks workstation
  • User unlocks workstation but with EEPC installed, the "current" domain password is not recognized so the user is forced to log back in using the cached password and hence is still out of synch.
  • Workaround 1:
    • Users presses ctrl+alt+del and selected change password
    • At old password user enters current domain password
    • At new password user enters brand new password
    • Drawback 1: User has only just recently changed their password on the domain and is now forced to change their password again from the laptop - annoying.
    • Drawback 2: A bit confusing for the users having to understand the difference between EEPC / Cached password, Old password (in their mind its still their "new password"!) and New password (a really new password!).
  • Workaround 2:
    • Disable SSO
    • Drawback: Not acceptable as previous requirement of project, stipulated by business!

Has anyone experienced similar things and discovered a better work around than us? Is it a known issue at McAfee to be addressed? What with the hibernation issue (supposedly resolved in patch 1) I'm not going to be a popular bloke for recommending EEPC!

Help much appreciated!


0 Kudos