cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: SSO Inconsistent - EEPC 6.1

We're 100% 32-bit.   

Ged
Level 7
Report Inappropriate Content
Message 12 of 28

Re: SSO Inconsistent - EEPC 6.1

Hi Chris,

I should explain more... the EEPC Credential Provider is dependent on the McAfee Endpoint Encryption Agent service to be able to get the system policy so it can work out if it should be invovled at the logon.  At first logon after a system boot, the EEPC Credential Provider typically has to start the EEAgent service and wait for it to be ready before it can query it for policy.  At 're-logon' / unlocks, this isn't necessary as the EEAgent will already be running.

As you get SSO work 100% of the time at unlock, it sounds like you are experiencing a problem with the CP starting and testing for the EEAgent to be ready - hopefully this will have caused some error to be logged in the MfeEpe.log file.  If you are unable to attach this file (to be honest - I am not sure how to do this!) - have a look in the log for any error messages around the time of a failed SSO - could you copy the text of the messages here?

Thanks.

Re: SSO Inconsistent - EEPC 6.1

Thanks for the run down - I had a solid grasp on how this all worked in XP with gina chaining, etc. but Credential Providers are new to me.  I've attached log in one of my other posts in this thread, hope something makes sense to you! 🙂

Ged
Level 7
Report Inappropriate Content
Message 14 of 28

Re: SSO Inconsistent - EEPC 6.1

No problem - can I check that this log covers a time when you had the "require EE logon" and SSO policies enabled?  I can find no entries at all for the MfeEpeCredentialProviderService!

Re: SSO Inconsistent - EEPC 6.1

The policy has been enabled since day 1 (which was Tuesday).  Is there an additional debug level that should be enabled to see MfeEpeCredentialProviderService ?

Ged
Level 7
Report Inappropriate Content
Message 16 of 28

Re: SSO Inconsistent - EEPC 6.1

Not that I know of - would this log cover a period where you have tried an unlock SSO - that should definitely show in the log as the MfeEpeCredentialProviderService starting?

Re: SSO Inconsistent - EEPC 6.1

Yes, it's yesterday to today, so in that time period I've rebooted a few dozen times, locked & unlocked at least 3 or 4 times, and even went to sleep once or twice.

Ged
Level 7
Report Inappropriate Content
Message 18 of 28

Re: SSO Inconsistent - EEPC 6.1

Chris - I've got to go shortly - I think you have already been talking with McAfee about this problem - if you haven't already, could you raise this with Support and ask them to quote this thread.

Thanks.

Re: SSO Inconsistent - EEPC 6.1

Thanks Ged - I have a ticket open on the issue and also have my professional services guy looking into it - I'll send them this thread, thanks.

Re: SSO Inconsistent - EEPC 6.1

Some more info about my last post. Here are the credential providers installed.  Also on our image is PowerBroker from BeyondTrust, which isn't a credential provider, it's used to elevate applications rights by policy.

MfeEpeCredentialProvider
GenericFilter

GenericProvider
MfeEpeCredentialProvider
NPProvider
VaultCredProvider
PasswordProvider
Smartcard Credential Provider
Smartcard Pin Provider
WinBio Credential Provider

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community