Hi,
Why EEPC SSO does not take effect automatically? When the machine got encrypted and then rebooted, they can input their user account but receiving Token Authentication parameters are incorrect and eepc don't take their password.
As a temporary solution, we do token reset for user to be able to login.
Is there any required time for SSO policy to take effect?
Below are product versions
McAfee ePO: 4.6.6
McAfee EEPC: 7.0.1.354
Thanks in advance.
Do you have a server task setup to sync AD?
Do you have SSO enabled in your policy?
Yes, AD Sync happens hourly and SSO policy is enabled.
Is this happening on more then one client machine? I'll occasionally have this happen to one machine here and there and it requires a token reset.
You may try to lock and then unlock the computer after they change their password. That will push an event to the Agent to let it know it needs to update the credentials in ePO.
it happens on every newly encrypted machine. We are not comfortable in doing reset token for every machine that will be encrypted. And also we have machines that are from other region.
HAve any idea how to resolve this?
Did u tried with EEPC default password ?
Sathish is correct. The very first time any user logs in they will have to enter in the default password or if you have this disabled in the policy they will have to create a new password that is temporary until they log into windows and the machine is synced.
Hi Tcox,
Yes, you are right. first time you need to enter the default password for EE users, When machine boots into the windows and once its sync with SSO. Then, it will take effect in next reboot.
on 23/8/13 5:54:45 PM ISTThanks for all your post.
I've tested to encrypt one test machine. Have my regular account login and activate EEPC. After successful activation, rebooted the machine. Log in with my username and my current password and it successfully booted. I'm expecting I'll be getting the same issue with other user.
My idea is, when encryption happens with netwok connectivity and activated, user's password will be synched to eepc. But when encryption started and stopped when user need to bring home the unit and encryption resumes, that's when the passwords don't sync in. And this is how offline activation works (based on eepc documentation). This is only my point of view. You can correct me if I understood the policy wrong.
Most of the user's that encountered login issues are those who bring their laptop and encryption is not yet completed. And when they arrived home or they already travel to other country, that's when I received calls for eepc login problem
If there will be any detailed or exact explanation on this, I will be very grateful.
Thanks again for all your help
Message was edited by: romardy on 8/26/13 10:44:43 PM CDTDon't know what's happening exactly............................ upload the log files, will try to sort it out.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA