This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to boot from external medium if Sophos PoA is set to autologon

Hello I have problem to boot Sophos recovery disk.. I cannot do normal recovery process because PoA is still set to autologon. Is there some hotkey to stop autologon so i can select boot from external from PoA menu? Sophos vesion 6.0.1 I need to fix Windows BCD error
:52833


This thread was automatically locked due to age.
Parents
  • Hi,

    You wont be able to change how the POA acts without first logging into Windows - however - you should still be able to boot into the Sophos recovery disk without going through the POA.

    All you need to do is boot to CD via the boot menu in the BIOS or change the boot order of devices so the CD is has priority before the HDD.

    Once you have booted into the CD you can click on "KeyRecovery" and perform a challenge response using a virtual client.

    1. In the Sophos console click on Keys and Certificates > Virtual Clients > Add Virtual Client
      temp.PNG
    2. Name the client after the hostname of the laptop – in this case VC1
    3. Next click on Virtual Clients, select the correct hostname from the list and then select Export Virtual client.
    4. This will export a file called recoverytoken.tok. Save it to your USB drive.
       
    5. Boot into WINPE SGN on the laptop.
    6. Copy the recoverytoken.tok from your USB drive to X:\Tools\SGN-Tools
    7. Open the KeyRecovery in the Quick Launch.

      temp.PNG
    8. The recover keys window will appear. Select “Import By C/R” at the bottom of the Recover Keys window.

     temp2.PNG

    9. Write down the challenge code:

    10. On the encryption console click Tools > Recovery

    11. Select “Virtual Client”and enter in the name of the virtual client. (In this example VC1)

    12.  Select “Key requested” and click “Next”

    13. Select “Recovery key for Safeguard Enterprise Client managed
     

    14. Click “Find Now” to list all of the encryption keys available. You will be able to find the key for the laptop you are on by finding a key matching the hostname under the “Key Name” column. Failing that the “Key ID” will also match the key displayed in step 8.

    temp.PNG

    15. Select the key and click ok. Then “Next”.

    16. Type in the challenge code you wrote down earlier

    17. A Response code will be generated
     

    18. On the laptop enter the response into the response field

    19. You now have full access to the hard disk drive.

    In your situation you wouldnt be able to re-install windows but if you needed to change a specicif file or setting and knew the command line to do it you could use the built in CMD to make the changes.

    At the very least you could copy the data on the drive and then format the disk and reinstall windows.

    If it helps you could always remove the hard drive and plug it into to another device with Sophos installed and assign the key for the broken laptop to it as well.

    :52893
Reply
  • Hi,

    You wont be able to change how the POA acts without first logging into Windows - however - you should still be able to boot into the Sophos recovery disk without going through the POA.

    All you need to do is boot to CD via the boot menu in the BIOS or change the boot order of devices so the CD is has priority before the HDD.

    Once you have booted into the CD you can click on "KeyRecovery" and perform a challenge response using a virtual client.

    1. In the Sophos console click on Keys and Certificates > Virtual Clients > Add Virtual Client
      temp.PNG
    2. Name the client after the hostname of the laptop – in this case VC1
    3. Next click on Virtual Clients, select the correct hostname from the list and then select Export Virtual client.
    4. This will export a file called recoverytoken.tok. Save it to your USB drive.
       
    5. Boot into WINPE SGN on the laptop.
    6. Copy the recoverytoken.tok from your USB drive to X:\Tools\SGN-Tools
    7. Open the KeyRecovery in the Quick Launch.

      temp.PNG
    8. The recover keys window will appear. Select “Import By C/R” at the bottom of the Recover Keys window.

     temp2.PNG

    9. Write down the challenge code:

    10. On the encryption console click Tools > Recovery

    11. Select “Virtual Client”and enter in the name of the virtual client. (In this example VC1)

    12.  Select “Key requested” and click “Next”

    13. Select “Recovery key for Safeguard Enterprise Client managed
     

    14. Click “Find Now” to list all of the encryption keys available. You will be able to find the key for the laptop you are on by finding a key matching the hostname under the “Key Name” column. Failing that the “Key ID” will also match the key displayed in step 8.

    temp.PNG

    15. Select the key and click ok. Then “Next”.

    16. Type in the challenge code you wrote down earlier

    17. A Response code will be generated
     

    18. On the laptop enter the response into the response field

    19. You now have full access to the hard disk drive.

    In your situation you wouldnt be able to re-install windows but if you needed to change a specicif file or setting and knew the command line to do it you could use the built in CMD to make the changes.

    At the very least you could copy the data on the drive and then format the disk and reinstall windows.

    If it helps you could always remove the hard drive and plug it into to another device with Sophos installed and assign the key for the broken laptop to it as well.

    :52893
Children
No Data