cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 9
Report Inappropriate Content
Message 1 of 10

Single-Sign-On does not take effect

Hi,

Why EEPC SSO does not take effect automatically? When the machine got encrypted and then rebooted, they can input their user account but receiving Token Authentication parameters are incorrect and eepc don't take their password.

As a temporary solution, we do token reset for user to be able to login.

Is there any required time for SSO policy to take effect?

Below are product versions

McAfee ePO: 4.6.6

McAfee EEPC: 7.0.1.354

Thanks in advance.

9 Replies
Highlighted
Level 10
Report Inappropriate Content
Message 2 of 10

Re: Single-Sign-On does not take effect

Do you have a server task setup to sync AD?

Do you have SSO enabled in your policy?

Highlighted
Level 9
Report Inappropriate Content
Message 3 of 10

Re: Single-Sign-On does not take effect

Yes, AD Sync happens hourly and SSO policy is enabled.

Highlighted
Level 10
Report Inappropriate Content
Message 4 of 10

Re: Single-Sign-On does not take effect

Is this happening on more then one client machine? I'll occasionally have this happen to one machine here and there and it requires a token reset.

You may try to lock and then unlock the computer after they change their password. That will push an event to the Agent to let it know it needs to update the credentials in ePO.

Highlighted
Level 9
Report Inappropriate Content
Message 5 of 10

Re: Single-Sign-On does not take effect

it happens on every newly encrypted machine. We are not comfortable in doing reset token for every machine that will be encrypted. And also we have machines that are from other region.

HAve any idea how to resolve this?

Highlighted
Level 11
Report Inappropriate Content
Message 6 of 10

Re: Single-Sign-On does not take effect

Did u tried with EEPC default password ?

Highlighted
Level 10
Report Inappropriate Content
Message 7 of 10

Re: Single-Sign-On does not take effect

Sathish is correct. The very first time any user logs in they will have to enter in the default password or if you have this disabled in the policy they will have to create a new password that is temporary until they log into windows and the machine is synced.

Highlighted
Level 11
Report Inappropriate Content
Message 8 of 10

Re: Single-Sign-On does not take effect

Hi Tcox,

Yes, you are right. first time you need to enter the default password for EE users, When machine boots into the windows and once its sync with SSO. Then, it will take effect in next reboot.

on 23/8/13 5:54:45 PM IST
Highlighted
Level 9
Report Inappropriate Content
Message 9 of 10

Re: Single-Sign-On does not take effect

Thanks for all your post.

I've tested to encrypt one test machine. Have my regular account login and activate EEPC. After successful activation, rebooted the machine. Log in with my username and my current password and it successfully booted. I'm expecting I'll be getting the same issue with other user.

My idea is, when encryption happens with netwok connectivity and activated, user's password will be synched to eepc. But when encryption started and stopped when user need to bring home the unit and encryption resumes, that's when the passwords don't sync in. And this is how offline activation works (based on eepc documentation). This is only my point of view. You can correct me if I understood the policy wrong.

Most of the user's that encountered login issues are those who bring their laptop and encryption is not yet completed. And when they arrived home or they already travel to other country, that's when I received calls for eepc login problem

If there will be any detailed or exact explanation on this, I will be very grateful.

Thanks again for all your help

Message was edited by: romardy on 8/26/13 10:44:43 PM CDT
Highlighted

Re: Single-Sign-On does not take effect

Don't know what's happening exactly............................ upload the log files, will try to sort it out.              

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community