This content has been marked as final. Show 5 replies
Can you let us know what build of SafeBoot/MEE that you're running? Also, are you using the standard MSGINA? When the users password expires, how are they notified and how are they changing their password? Is this all happening through the MSGINA on the device that's encrypted, or are there 3rd party tools involved in that part?
Could you post a client log of when the password expires and the user changes it?
Here's some of the info to be getting on with.
SafeBoot Client (v5.1.5)
Safeboot admin (v184.108.40.206)
The MSGina is the standard windows XP one, they are notified by the standard windows
password message "Your Password Has Expired and must be changed". User does the usual new password, confirm password.
No other third party tools are being used other than the Safeboot Device Encryption.
I'll post a log of an expired password when I get one (Will be monday now)
Thanks for the prompt reply.
Did you check the machine settings for synching passwords or usernames must match (whatever the correct verbage is, at home now)?
Also, does your SafeBoot username exactly match your Windows login? If using UPN, read the other articles on this forum.
yep the username must match the windows user name. This is done via the ad connector, so the user is permissioned to a specific usergroup within AD which ties in via a corresponding group in Safeboot.
We need to see the client log from a system when this happens. I want to see if the client log shows the "sending local token changes to database" and "sending local SSO changes to database". If both of these are present and the client *still* doesn't take the new password, then we have a real problem.
We also need to know exactly which Windows Logon options you have checked in the Machine properties. Finally, we need to know if this is a Vista or XP machine. If it is Vista, SSO will only work if you have ALL Windows Logon options checked.