7 Replies Latest reply on Aug 10, 2009 10:54 PM by SafeBoot

    Enabling Windows Password Synchronization

      Using SafeBoot (Endpoint Encyrption) 5.1.8. We formerly had a dual authentication process with a seperate SafeBoot and Windows password. Our leaders have decided that they now want to move to a single log on, but they want the SafeBoot Password and Windows Password to be synchronized. I have checked the "Set Endpoint Encyrption Password to Windows Password" I am not getting any results. Windows XP SP3.

      anyone have any experience with this?
        • 1. RE: Enabling Windows Password Synchronization
          check all the boxes. You can't just use one of them.
          • 2. What's the point

            Then what's the point of having the individual boxes?

            Also, I want my SafeBoot password to sync/become my AD password, when I check all the options, it happens the other way around--I enter my SafeBoot Password, and it logs me straight into windows.
            • 3. RE: What's the point
              we never change the AD password. Your only option is to sync the EEPC password to AD.

              as for why there are lots of options - compatibility etc. It's always best to start with them all ticked though.
              • 4. RE: What's the point

                Right, I understand that the AD password is not being changed, but the option "Set Endpoint Encryption password to Windows Password" leads me to believe that I can make the EEPC password sync with my AD passwords. That is what I want. At the EEPC login, I want my users entering their AD password and then logging straight into the OS...does that make sense?
                • 5. RE: What's the point
                  yes, and that's how it works.

                  when the user does a change password in AD, that change will get reflected into EEPC. IF EEPC accepts it (and that's a big IF depending on your password rules), then the pre-boot password will change to the new AD password. You'll see that reflected in the next sync event (local > db password movement).
                  • 6. How?
                    Great, thanks for the info.

                    Sorry to belabor the point, but how does SafeBoot capture the Change Password event in AD? We employ an online directory service tool to make sure that when a user changes his/her password, it gets changed in all systems...thus, the Change Password event is not initiated from the machine--does that matter?

                    Thanks so much for all the info.
                    • 7. RE: How?
                      yes it matters a lot - we act as a network provider on the users machine, so if they don't change it on that node then we won't know it happens.

                      you could probably use our API with your custom application though to integrate at the back end. It supports ASP and COM so if you have some programming experience you could probably create something - other people have done such in the past.