SafeGuard Easy 6.0 : add new users

Hi Lamax,

the process of adding new users is described in SafeGuard Easy User help guide. Please find the relevant part below:

Cheers,

ChrisD

---

4.3 Importing further users

To allow another Windows user to log on to your computer:

1. Switch on the computer.
The POA logon dialog is displayed. The second Windows user cannot log on at the POA because
they do not have the necessary keys and certificates.
2. For the second user to log on at the POA, the computer's owner must allow it.
Note: The default setting specifies that the first user to log on after installation is registered as
the owner of the computer. The security officer can also define the owner of a computer with
a policy setting.
3. In the POA logon dialog, click Options and clear the Pass through Windows check box.
The Windows logon dialog is displayed, prompting the second user to log on.
4. The second user enters their Windows credentials.
5. An entry for the second user is created in the Sophos SafeGuard system core.
The next time the computer is started, the second user can log on at the Power-on Authentication.

---

On this page /search?q= 2586 MichaelS seid that in SGE 6.x there is no owner. Is it a mistake?

Its actually very easy and not very complicated. In SafeGuard manager center, locate the computer you are looking to have more than one user on. once you have that computer up in the main viewer located the tab "Users". You will notice that on that Tab to the right there is a smaller Tree Directory called "Available users" locate the user you are trying to add in addition. once you have found them ( and you can use the search function to do that) click on the name so that it is highlighed, then drag them into the user box which is the to the left of that tree directory. Once they are in the list as a user, you will notice a "?" under "Can Become Owner" click that "?" so that it turns into a green check mark. 

Once you have done that click the save button up in the left hand corner and it will save that information for that machine. Now go to that computer and sync the system with the server so that it can reach out to grab that information. once its has successfully sync'd with the server. Log off the user DO NOT RESTART the cache where users are stored does not have everything it needs just yet. have that person you just added to be a user for that computer log in. check the Sophos status and make sure it sayd SGN(user) the owner should have SGN(owner). as long as you see SGN(user) then they should now be able to restart the machine and log in via the sophos screen. 

As far as what Michael said on that post... No he isn't wrong, in a standalone enviroment, the owner and user groups are merged as allowed users, but in a managed policy or enviroment the use of these groups are maintained and actual. In a managed enviroment, there is two types of groups on a sophos endpoint SGN(owner) and SGN(user).  there can only be one SGN(owner) and mutiple SGN(user) some systems we have are used by more than 10 individuals. all these users have access to one asset. 

Let me know if you still have issues or questions I am willing to help as much as possible.

How do you add additional users, using Sophos Enterprise Console? We have laptops that we need to setup multiple users on but they are not available at the same time as the computer owner.

Hello CMongold,

you can't manage the users from SEC (BTW: if you are talking about the version integrated with SEC it's 5.61), you have to follow the procedure posted in this thread by ChrisD (which you've probably read). I'm not sure though whether only the "owner" can disable pass through or any registered user - but that should be easy to find out. But anyway at least two users must be present.

Christian