Reply
Occasional Visitor
SGN_noob
Posts: 3
Registered: ‎Wed 14-Sep-2011
0
Accepted Solution

Sorry, this computer is locked.

Currently at my work places we are using Sophos SafeGuard 5.50 the laptops we currently use in place with the encryption are Lenovo's T60/T61/T400/T410/T420's and X220's.

 

I have seen a few sophos system lock outs with the T420's freshly imaged.

 

We perform a challenge response and user logs in as normal, but we have encountered several users getting this 3 times in a row!?

 

whether the user be working from home (remote) or in the office.

 

I need to know what could be causing these sophos lock outs??

 

Can someone please advise.

 

thanks

Employee
J0hnNL
Posts: 5
Registered: ‎Wed 20-Jan-2010
0

Re: Sorry, this computer is locked.

Can you check in the logs, if you're logging it, if there was an authentication problem? Sometimes a wrong POA keyboard layout setting causes the password to be "misunderstood". Another reason could be a policy setting causing the lock when the local cache is corrupted (Activate logon recovery after Windows Local Cache corruption), that also can be logged (event 2023).
First things first, but not necessarily in that order.
Dr. Who
Occasional Advisor
secadm
Posts: 10
Registered: ‎Tue 10-May-2011
0

Re: Sorry, this computer is locked.

I have a similar problem with only one laptop from a few days. In SGN Mangement Center reports error 2023 - Local cache corruption. I already updated endpoint from 5.50 to 5.60.0.192 but problem still exists. In Utimaco folder LocalCache and LocalCacheBackup folders are present. Will it help if I delete LocalCacheBackup folder?

Occasional Visitor
SGN_noob
Posts: 3
Registered: ‎Wed 14-Sep-2011
0

Re: Sorry, this computer is locked.

We have discovered thru the logs that when the machine gets locked out by Sophos, the logs show local admin trying to log in rather than the user??? which locks the computer out.

 

So, we go to My computer > Properties > remote tab and uncheck the two remote assistance boxes. Then go into start > run > gpedit.msc

 

computer confiuration

Admin templates

windows components

terminal services > Disable - allow users to connect remotely using terminal services.

 

no further lock outs after these changes to the computer system.

 

thanks