9 Replies Latest reply on Mar 18, 2009 2:24 PM by wide_

    AD Password Sync

      We are in the process of rolling out Safeboot to all our laptop users! So far we've had no major problems, we've setup the safeboot connection manager, so that our AD and Safeboot password sync. So that, when we install the software onto a laptop

      The user logins with the defaul password '12345'
      Then the user is prompt to login again using '12345'
      as this is not their network password they are asked to login again, using the network password

      Once they've logged in the safeboot and network password are the same. So the next time they login the safeboot password is their network password.

      We have a user whose followed the same login procedure as everyone else, but when they restart their laptop they are unable to login using the safeboot password or the AD password?
        • 1. RE: AD Password Sync
          reset the password
          • 2. RE: AD Password Sync
            colyewg
            Also ensure the user account is not locked out, perhaps during your AD sync or due to exceeding the number of attempts to enter the correct password. Otherwise, reset the password/token as necessary.
            • 3. RE: AD Password Sync
              We've checked that the account is not locked, it just does'nt accept the password.

              what strange is that if you login as another safeboot user and get to the network login screen (as we don't have single sign on turn 'on') you can login as the user with the network password.

              We've reset the password to that it does'nt contain the same special characters '£' in the user case and it logins in fine?

              It's seems to be that the boot protection part of safeboot does'nt like this character ? as we've had other user using special character and they don't have any problems login.

              So when we set a user up, we are asking them to change their passwords if they have a £ in it!

              It just get stranger and stranger.
              • 4. RE: AD Password Sync
                colyewg
                That is strange, we've not encountered that ourselves and of our 1300 user I'm sure someone would have a few special characters being used. Then again I've not tried special characters myself but perhaps our server team actually have a policy set restricting use of them on AD and we wouldn't see it happen.

                Have you tried typing the £ sign into the username box to ensure it's being entered properly and SafeBoot is not enforcing a different keyboard layout, or that the function facility on the keyboard is returning the right character?
                • 5. RE: AD Password Sync
                  Anded I've had the same issue. It's hard to comprehend without seeing it yourself..

                  I ended up resetting the machine to group config, recreating the user account and resetting both safeboot and AD passwords then synching.

                  Seems to have resoved the issue. It does seem to happen to about 1 in every 100 user accounts that I've seen.
                  • 6. RE: AD Password Sync
                    Thanks for the replies,

                    I'll give them and ago and see what happens. We've encrypted another 20 today and no problems so it look's like it might be a 1 off
                    • 7. RE: AD Password Sync
                      The keyboard layout is the problem, when you type £ into the username you get a #, so obviously the password will never work! and on the same point, if some else logs in then they login the keyboard layout is the xp default so £ work!


                      Thanks for the help, just need to see about changing the keyboard layout ? for the boot part of safeboot
                      • 8. RE: AD Password Sync
                        you should see the selected layout at the bottom of the screen?

                        to change it, just cancel login, click options and then options - then you can pick from the list of installed keyboards.

                        the client will try to pick the pre-boot language and keyboard from the list of available ones ON ACTIVATION, but after the pre-boots there, it won't do the auto selection again.

                        also, by default, if you add a new language AFTER activation, it assumes you want ot use that language immediatly and will make it active, ignoring previous settings.
                        • 9. RE: AD Password Sync


                          I did actually consider that as a possibility too as the user had a non-standard keyboard to all other users, but it rectified itself after a group config reset. happy