Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 8 subscribers
  • Views 7593 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safeguard 7 - User locked out after machine hibernates

MichaelRichardson

 After rolling out Safeguard 7 to Windows 7 machines we have identified an issue that when some of these machines hibernate the POA user receives "failed to login" at the Sophos login.  The only solution is to use Recovery to get into the machine and then change their Active Directory password and allow it to sync.

 

This has become a real time consuming issue for us.  Is there anything we can do to correct this beyond deploying a group policy to prevent the hibernate and sleep functions on all machines?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hello Michael,

    What domain are they logging into when this happens, is it <POA> or the company domain?

    Can you upload a photo of the error message?

  • 0 in reply to FormerMember

    Hi Toby 

     

    My domain has the same issue, this happens when the user tries to login to the company domain after the machine has gone into hibernation or the user has locked the machine. even with the correct credentials the login delay keeps increasing. 

    no failed logins are reported to the management center, while this is happening.

    A workaround we have found is to login with the windows login icon rather than the sophos login icon, with all network connections turned off. 

    although once this fails, the only option is recovery which is painstakingly an inconvenience

    If it helps i have noticed the safeguard authentication service doesn't run after coming from a sleep or hibernation state maybe this has to do with the issue 

    Thanks in advance !!!!

  • 0

    We reported this issue to Sophos and they replied with

    'Hibernation is included on the release notes, though it is not clearly stated that the hibernation mode should be turn off we are still recommending for the hibernation mode to be disabled.
    Technically hibernation is seen identical to fast user switching, during the hibernation mode the Safeguard boot process are triggered to start again so the user machine assignment fails to recognize that there is already a user account that is login.
    Since Safeguard does not support fast user switching the login attempt of that user will not be accepted and so when the computer has been restarted as part of the POA security check a challenge and response recovery will be triggered since there
    was been a failed login attempt on that system. That is why we are recommending to turn off the hibernation mode on Safeguard encrypted systems to avoid complication on everyday operation.'

    Which is strange as hibernation as been working for a year for us.

Unfiltered HTML