We have a unique situation in which all of our users are workgroup users working remotely. We have a server setup which has the necessary configuration in place for the EEPC and EEFF clients to contact the server via the internet and this part is working great. I would like to implement SSO. I have all the options checked under Windows Logon except "Require Login to Endpoint Encryption" and "Require Re-logon to Endpoint Encryption. SSO seems to work fine if the Windows username on the client machine maches the EEPC user (which I would expect since that checkbox is checked). However, I would like to standardize the Windows usernames, so have used the "Change Name" feature of Windows XP to change the current Windows Logon name to a standardized logon name (which matches the EEPC username as well). I then log off the Windows session and log back on with the new username. I then deploy EEPC to the client. They log in after installation and type their default password of 12345 and then are forced to change it immediately. They change it to match their Windows password. They are then taken to the Windows Login screen where they log in with their new Windows username (that matches EEPC) and password. I then force a sync from the client-side. The sync log says that changes to the user sso is being uploaded to the database. I then reboot the system. However, SSO does not work. It still stops at the Windows logon screen. Why would this be?
If I set the SSO Details from the server and sync the client, this allows SSO to work fine - until the Windows password is changed. I press ctrl-alt-del to change the password, force a sync from the client-side, and reboot the system. The EEPC password doesn't get changed. I manually change the EEPC password from the SafeBoot screen to match the newly changed Windows password, but SSO still does not work.
Any ideas would be greatly appreciated!