1 2 Previous Next 15 Replies Latest reply on Jan 5, 2010 7:32 AM by peter_eepc

    EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

    mink

       

      Everyone,

       

      I was able to reproduce below in 2 systems (Dell  D620 and Lenovo x61s) and also in my VM. All are running XPSP3.

      Nothing interesting found in the logfile (level 3) so I enbaled level 4 but there is nothing relevent I could find.

       

      Q1: Can I avoid this behaviour by tweaking the policy?

      Q2: If not, any workaround to avoid this behaviour?

       

      EE client: XPSP3

      Encrypted, SSO Enabled and working flawlessly.

       

      When I lock the system (Ctrl + Alt + Del) and then unlock it, I will get McAfee EE Logon Box asking me to enter password. I left the system without entering the password for 120s - 140s (2mins) or more. When I entered my password, without a delay, I was logged out and system started restarting itself.

       

      eelocked screen1.jpg

       

      Only message I can see is `Please wait....` Saving Your Settings...` and very high level of disk I/O happening. 

      loging off and saving setings.jpg

       

      Here are my Product Settings (LogOn)

      EE Product Policy.jpg

       

      I also have observed the same by leaving the system locked for more few minutes. In this case when I press Ctrl + Alt + Del for McAfee EE logon system logs me off and restart without even prompting McAfee EE logon.

       

      Also, please let the forum know if you also can reproduce this.

       

       

        • 1. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

          I am a bit unclear on the problem. Is the problem that the machine shuts down when instead it should simply unlock the system?

          • 2. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle
            mink

            Yes Dan, that's what happening.

            machine logs the user out instead of simply unlocking the system!

            it logs of successfully and then shows `Please wait | saving your settings....` i think system is trying to restart or shutdown but I have waited more than 15 mins nothing happens beyond that message/window.

            I am not sure it happens because of a policy setting (couldn't find anything) or due to a known/unknown issue. I can only reproduce this in XPSP3, haven't got any other system with different OS.

             

            All these machines are deployed via ePO (including my VM) and working flawlessly with SSO.

            • 3. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

              I just did a test on Windows 7 (32 bit) and I was not able to reproduce the behavior. I will try again on an XP system.

               

              Are you using the standard Windows GINA, or do you have something else (perhaps Novell) doing the authentication?

              • 4. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

                I just tested on a VM running Windows XP Pro SP3 and I was not able to reproduce the issue. My policy is the same as yours, so if it were a bug I should be seeing it to. Can you tell us more about your environment, any password managers or other GINA components?

                • 5. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle
                  mink

                  I am not using password managers, my VM is a fresh one with SP3. Customer had Pointsec installed in one production laptop prior to EEPC. Then I tested

                  in a newly build system with no other password managers or gina components and also in my VM (clean build no additional components) - I still able to reproduce.

                   

                  SLogs in to the system (sso) then lock the workstation and unlock it, eepc logon prompt for the users password. leave that untouched for little more than 2 minutes then enter the password. System logs me off and try to restart (but never really restart).

                  • 6. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

                    How was the user assigned to the machine? Did you assign as a "group user" or did you let "add local domain users" create the user for you? I see you have the policy option disabled now, but it could have been on in the past.

                    • 7. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle

                      maybe the machine is trying to suspend for some reason, or even shut down (Windows updates?) but the login screen is preventing that?

                       

                      I guess the trick would be to cause a delayed shutdown, and then lock the machine to see if the shutdown still occurred, or if it waited until the login.

                      1 of 1 people found this helpful
                      • 8. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle
                        mink

                        In my VM, I have two users (manjula and mia), domain admin and a non-domain admin user, both are added from the AD (in the same ePO server). There aren't user groups configured.  I have also enabled `Require Endpoint Encryption logon:` as well as Add local domain users:


                        However, customer has a different policy, Following check boxes are unchecked (Disabled):

                        Require Endpoint Encryption logon: Add local domain users:


                        Further, I have added the Laptop owner's user name and Safeboot Admin group from the AD. This group has couple of Desktop admin users.


                        As you can see we have 2 Different polices but still able to reproduce the aforementioned issue.


                        Additional note: I changed the policy in my VM by disabling `Require Endpoint Encryption logon:` option. Then restarted the VM after I applied the policy. Logged in as mia (non-domain admin) SSO worked as expected. Locked the system and unlocked it, left the

                        EE login box for more than 2mins (idle) and entered the password - observed same result as earlier!

                         

                         

                        on 9/12/09 11:12:31 PM
                        • 9. Re: EE6 | Issues Found | reproducible | Logoff and restart after more than 2mins of Idle
                          mink

                           

                           

                          But I don't see a same reason to restart Customer laptops and my VMs (different domain/ EE polices). Customer may be running windows updates and other updates but I have disabled windows update in my XPSP3 VM. Strange thing is it never completes the restart/shutdown. I kept it for a very long time only thing I could see is the `Please wait....` Saving Your Settings...` windows dialog Box and high level of disk I/O happening.

                          I think it tries to logs the user off from the system not to restart/shutdown. Generally in XP systems when you select `Log Off...` you will see another Box, "Are you Sure you want to Log off?"  then when you click Log off you will see two message boxes briefly and disappears. First one is `Logging Off`

                           

                          I had one error in the Event Viewer

                          Event Type:       Error

                          Event Source:    crypt32

                          Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/au throotseq.txt> with error: The server name or address could not be resolved

                           

                          This happens when the Update Root Certificates component is turned on and the computer cannot connect to the Windows Update server on the Internet.

                          So I cleared the Update Root Certificates check box in the Add/Remove Windows Components as per MS recommendation. Thereafter that error disappeared but not the issue.

                          1 2 Previous Next