This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

User required to reauthenticate with SGN server

Hi Guys,

I would like to check whether anyone encounter same issue as per subject.

We have check the Management Center and database integrity check with no issue reported.

We suspect the issue was cause by AD synchronized (PC delete/move from OU) or certificate expired by default every 5 years.

Current Management Centre is version 7 and client is Windows 10.



This thread was automatically locked due to age.
Parents
  • Hi - This is normally caused by a mis-match of authentication with Windows/Sophos.

    This is caused by...

     

    1 - User not logging into Windows with the Sophos "cog" (Credential provider) and using the Windows login (I see this frequently)

    * Log out of Windows and log in with Sophos "cog"

    2 - User logs in too quickly and sometimes Sophos hasn't quite caught up! (don't see this often)

    * Wait a second or two at the login screen before logging in via the Sophos cog

    3 - User key/cert on Sophos server is outdated owing to a password change elsewhere (AD etc...) - I see this quite often too. 

    *Delete the user key/cert from the Sophos console. Reboot the client and log in again. Key/Cert will be regenerated with correct creds.

  • Hi @MichaelMcLannahan,

    Does option "3" performed at "Released Certificate"? . Initial finding as share on above post this issue is related with the outdated user certificate.

    example user certificate expired is on 06/10/2019 with last connected to SGN server on 29th September. User reported yesterday that they have been locked out after multiple failed login  and required CR. However Helpdesk failed to performed CR due to user certificate is expired and grey out machine inventory information.

    I'm not sure on how or what is the buffer time for the certificate expired and release released. Thanks

  • A little confused to what you're asking to be honest - But I would try deleting the user's cert as below in the screenshot from my server

     

  • Hi MichaelMcLannahan,

     

    In my scenario under "User and Computers" affected computer and users keys/cert is missing/grey colour unless inventory scan or re-sync with AD.

    We only found that the affected user/cert is expired under "Keys and Certificate" and "Released Certificate" option

    I'm sorry cant provide any screenshot because I'm just left out of the office. Thanks

Reply
  • Hi MichaelMcLannahan,

     

    In my scenario under "User and Computers" affected computer and users keys/cert is missing/grey colour unless inventory scan or re-sync with AD.

    We only found that the affected user/cert is expired under "Keys and Certificate" and "Released Certificate" option

    I'm sorry cant provide any screenshot because I'm just left out of the office. Thanks

Children
No Data