2 Replies Latest reply on Mar 16, 2010 10:42 AM by SafeBoot

    SSO (again)

      Dear All,

       

      EEPC 5.1.8.  Also 5.2.3 in test.

       

      From the manual the option "Set Endpoint Encryption Password to Windows Password"  = If the Windows and Endpoint Encryption login passwords differ, Users will be prompted to set the Endpoint Encryption password to the Windows password. Also, if the user changes their password in Windows, their Endpoint Encryption password will be set to match.

       

      As a test the first time I log into a machine using an account that has the default password of 12345 set, I choose a new password but one that is different to the AD password.  The machine boots to the Windows login prompt I then enter the correct AD password. After I get to the desktop & the machines syncs up, I then reboot & the MEE password has been changed to the correct AD (as per the notes in the manual above). So far so good, behaving as expected.

       

      Then I change the MEE password again by doing a user recovery or local recovery & again choose a new password which again is different to my AD, this time the Windows prompt sails through presumably with the cached AD password. But the MEE password I type in at preboot is now different to the AD password.

       

      Question, is this how its supposed to behave after the initial login ?  Shouldnt the MEE password get changed to match AD everytime as per the setting "Set Endpoint Encryption Password to Windows Password"  ?

       

      I can clear the SSO in the console but I'd rather have the "Set Endpoint....." option doing what it says it should.

       

      Any advice appreicated.

        • 1. Re: SSO (again)

          it will only set the EEPC password to the Windows password during a failed SSO, or a detected network change password event.

           

          If you set the two differently yourself (as you did), that won't be overruled until the next event as above.

          1 of 1 people found this helpful
          • 2. Re: SSO (again)

            Thank you for the quick response. If thats the way it is, then thats the way it is.

             

            The description is a little misleading though & makes no mention of this caveat   "If the Windows and Endpoint Encryption login passwords differ, Users will be prompted to set the Endpoint Encryption password to the Windows password".

             

            It would be a nice feature for future releases !