Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 5 subscribers
  • Views 7959 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Syncronize over VPN

aaronford

Hopefully this is an easy one...

When my end users are working over a VPN, the credentials aren't syncronizing.  Whether the user signs thru sophos using their account and old password, or an admin account/POA, then forcing syncronization, upon reboot, sophos still isn't accepting the new AD password.

My current workaround, is haivng them come into an office, and syncronizing.  However, it seems this should work when they are connected via the VPN.

Any help would be greatly appreciated.

:42185


This thread was automatically locked due to age.
Parents
  • 0

    Hello aaronford,

    I'm not sure I understand all the details. Are the users changing their password because it has expired? At which point in the mentioned scenario (signs into windows with the old/cached password ... once logged into windows, the user can connect to the VPN, sync sophos) do they change the password and how?

    From what I understand I assume the difference is that when on the LAN the change takes place (or is detected) when SGE attempts the automatic logon and therefore is aware of the change. Furthermore signs into windows with the old/cached password suggests that the client computer is not yet aware of the (need for a) change - not surprisingly as there is no connection to AD without VPN. Unless the password is changed with the SGE Credential Provider the POA will still require the old password after a restart, and then sophos still only accepts the old sophos password - what happens if SGE tries to log them on to Windows? I'd expect that it will detect the password change (after the user authenticates to Windows it prompts once more for the old password) and after this it'd have to sync (needing the VPN connection) for the change to become effective.

    Christian 

    :42590
Reply
  • 0

    Hello aaronford,

    I'm not sure I understand all the details. Are the users changing their password because it has expired? At which point in the mentioned scenario (signs into windows with the old/cached password ... once logged into windows, the user can connect to the VPN, sync sophos) do they change the password and how?

    From what I understand I assume the difference is that when on the LAN the change takes place (or is detected) when SGE attempts the automatic logon and therefore is aware of the change. Furthermore signs into windows with the old/cached password suggests that the client computer is not yet aware of the (need for a) change - not surprisingly as there is no connection to AD without VPN. Unless the password is changed with the SGE Credential Provider the POA will still require the old password after a restart, and then sophos still only accepts the old sophos password - what happens if SGE tries to log them on to Windows? I'd expect that it will detect the password change (after the user authenticates to Windows it prompts once more for the old password) and after this it'd have to sync (needing the VPN connection) for the change to become effective.

    Christian 

    :42590
Children
No Data
Unfiltered HTML