Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
Hi All.
I was wondering if you find an error like the below and can help me to find the solution:
We started to deploy Sophos Safeguard 8.10 on Windows 10 version 1903 and we are encountering the following error: On some users (not all ) after the setup of the software with a local admin account as usualy we restart the machine and we logon with the user to whom we have to assign the machine: The pc start to exchange data with Sophos Safeguard Console;
The pc does not receive the policy of safeguard, so we are not prompted to set pin (TPM+PIN policy) and the pc becomes unresponsive, RunAS command hang, search bar is blocked;
Checking services, safeguard authentication service is not started, even it is set to start automatically. If we Start the service “safeguard authentication service” from a remote pc, then the pc receives the policy I am prompted to set pin and to click Restart and Encrypt. Once restarted the machine, and I try to login with the user I receive the following error:
Wrong Credential for Sophos Safeguard Provided and once I click on ok, Local Logon is Disabled, I can then only login using windows authentication.
If I logon with the same user on a different pc (same model, and same OS) with version of Sophos Safeguard 8.005, instead I Can login without any issue, So what does it change between the 2 version?
Thanks in advance
Pietro
The Problem was solved upgrading the client to 8.30.0.88 - DPSGN-15735_Hotfix_Client_8_30_0_88 - can be downlaoded from Here - www.sophos.com/.../DownloadRedirect.aspx
Hmmm.... This doesn't too good!
Can you confirm the exact version of the client you're using on the workstation, and also what's your backend running - 8.1 too? Could we have the full version of this too please?
Can you also confirm what version of the File Engine you're using too?
It does sound like a incompatibility between the client and OS.
1903 needs 8.00.6.2 or 8.10.2.55 or 8.20.0.83. Can you confirm you're using one of those versions with 1903?
There is a known issue with July patches - Are all the machines on the same version and updates as each other?
https://community.sophos.com/kb/en-us/124771
Hi Michael
Please find below details:
Sophos Safeguard Management Center is 8.10.0.323
Sophos Safeguard Client 8.10.2.55
Sophos Safeguard Configuration 8.10.0.323
Sophos Safeguard Preinstall 8.10.323
Hotfix Rollup 1901 for Safeguard 8.10.0.321 is present in view installed Update (Windows)
Microsoft Windows Version is 1903 (OS Build 18362.418)
Machines clients are not all of the same version, and not all with the same Operative system vesrsion as you can see below from info of the Console, but the issue is specific for the details above:
Native Device Encryption 8.10.2.55 - Windows 10 1903
Native Device Encryption 8.00.6.2 with Data Exchange 8.00.6.2; Windows 10 1808
Native Device Encryption 8.00.5.19 and Data Exchange 8.00.5.19, Windows 10 1808
Data Exchange 8.00.5.16 and Device Encryption 8.00.5.16- Windows 10
Data Exchange 7.00.3.11 and Device Encryption 7.00.3.11 - Windows7
Thanks
Hi Pietro Guzzetti
Would you please confirm your machine settings policy has below setting for the Secure Wake on LAN?
If yes, Would you please configure the 'Default Machine Settings | Power On Authentication (POA) | Secure Wake on LAN (WOL) | Allow local logon during WOL' to 'Yes' and apply the change to the SafeGuard Client.
Default Machine Settings | Power On Authentication (POA) | Secure Wake on LAN (WOL) | Allow local logon during WOL
Yes
Then try to login to the machine.
Regards,
Jasmin Community Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
Thanks for the answer I'maasking to the Team if they can make this change for me as I unfortunately I'm not allowed to; Is there a way to set it directly on the client using the registry of Windows? Thanks
Hi Pietro,
Unfortunately not as it is a policy change and client always be in synchronization with Server, so if we haven't changed policy on the Safeguard Management console, it can revert the changes on the client.