Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 5 subscribers
  • Views 3785 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise Console 5.2 w/SafeGuard 5.60 Setting up for PCs with Multiple users

gssieg

Hello,

I am in an environment that we have multiple users that use the PCs and many of the user's roam from PC to PC.  We are also a 24/7 facility.  We are working on deploying SafeGuard via the Enterprise Console and have run into a few bumps trying to figure out the best way to get users logged in with minimal impact and ease of use.  We don't want to have to run to a PC everytime someone new wants to reboot the device.

I have seen that we can disable POA all together but I think that really defiets the idea of encryption.  So we were looking at setting up a POA account and have users use that account if one one was available to log them in unfortunately that logs them on as a "guest" in the system and does not give them the ability to enroll there account. 

So at this time I'm not seeing a good way to enroll new users unless someone that already has a POA account logs onto that machine.  Does anyone have any suggestions or ideas on how we can try to set this up and make it easier?

Thanks in advance,

Greg

:38869


This thread was automatically locked due to age.
Parents
  • 0

    Hello Greg,

    once POA is enabled the first user logging on is registered with POA. To register another user one of the already registered users must be used logon to POA, uncheck the passthrough and the other user must logon to Windows and is subsequently registered. If you logon with the POA user defined in the policy the user logging in to Windows is, as you've seen, not enrolled.

    Security-wise it doesn't make much difference whether the "common" user is the "POA user" or a regular account. So why not enrolling this user (as first) on each machine?

    Christian

    :38883
Reply
  • 0

    Hello Greg,

    once POA is enabled the first user logging on is registered with POA. To register another user one of the already registered users must be used logon to POA, uncheck the passthrough and the other user must logon to Windows and is subsequently registered. If you logon with the POA user defined in the policy the user logging in to Windows is, as you've seen, not enrolled.

    Security-wise it doesn't make much difference whether the "common" user is the "POA user" or a regular account. So why not enrolling this user (as first) on each machine?

    Christian

    :38883
Children
No Data
Unfiltered HTML