This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Red exclamation point on system tray icon after upgrade to SG Enterprise v8, "Internal Error" message from SafeGuard on clients.

After updating some clients from v7 to v8 SG Enterprise, several are seeing a red exclamation point on the icon. The client also stop receiving message pop-ups about the success/failure of server syncs.

Additionally, some users are seeing a SG error message about an "internal error" and are being asked to re-enter their domain password. This is not accepted and the user is prompted over and over until they just hit cancel.

I've tried deleting the user certificates and re-syncing. After a log out, the number of packets just increases and they are not sent to the server.

I've also tried uninstalling the Pre-install, client, and client config, rebooting, and then re-installing. This "seems" to work in the the packets drop back to 0, but the red exclamation point remains.

The Connectivity Check seems to indicate everything is fine, but there are definitely some issues here:

Has anyone else seen this happen?



This thread was automatically locked due to age.
Parents Reply Children
  • Hi.

    Are you experiencing this on all clients or just a few?

    Have you  tried a complete removal and reinstall yet?

  • Hi Michael,

    Yes it happen on all SG Client v8, and for existing SG v7 always asking the old password (user change the password using ctrl-alt-del from their NB)

    We already try many times to reinstall the SG Client

    This is the sgnstate result from client, something weird is product version = not installed that should be shown the client version CMIIW

     

    C:\Program Files (x86)\Sophos\SafeGuard Enterprise\Client>sgnstate /L


    Sophos SafeGuard(R) State Tool Ver. 8.00.0.251
    Copyright (c) 1996 - 2016 Sophos Limited. All rights reserved. SafeGuard is a registered trademark of Sophos Limited and Sophos Group.

    Operating system                      : Windows 10 Pro
    Product version                       : not installed
    Encryption type                       : Unknown or earlier version of SGN 5.35
    Power On Authentication               : n/a
    POA version                           : n/a
    WOL                                   : n/a
    Server name                           : 172.30.36.89
    Second Server name                    : PWVSSGUTD102.ocbcnisp.com
    Logon mode                            : n/a
    Client activation state               : ENTERPRISE
    Last data replication                 : 2017-07-11 05:12:32
    Last policy received                  : 2017-07-11 05:04:44
    Enforced cert-based token logon in POA: no
    Return code                           : 0

    Volume info:
    Name Type       Status                             Algorithm
    ------------------------------------------------------------
    C:   HD-PART    not encrypted                      n/a

     

    thanks,

    Rahmat

  • That is odd - It does look as if client isn't installed/registered properly.

     

    When you say you've reinstalled, did you actually remove the old client and reboot and then reinstall?

     

    If you remove the configuration, the client and then the pre-install (in that order) - reboot and try to install again? As this particular PC isn't encrypted you've nothing to lose?

     

    I'd edit your last post as it mentions your domain which seems to be live/public?

  • Yes .. it will ask to restart when uninstall the existing client, and then uninstall the ClientPreinstall

    and the re install the client in order ClientPreinstall-Client-ClientConfig

     

    we just using the DataExchange feature for win10 client

  • I have found a way to get rid of the exclamation point (at least it has worked so far), but it doesn't solve the issue of users being prompted for their old passwords after login.

    1) Delete the assigned user from the Users tab on the properties of the host in question using the management console. Don't delete the user itself, just the listing in the Users tab of the host.

    2)Synchronize.

    3) Reboot the host.

    4) Login making sure to use the account name with the Sophos icon.

    5) Sync again, and make sure you see that a keychain was received.

    6) Make sure the user has been re-added to the host in the management console.

     

    The users are also prompted for their previous AD password for some reason after login until they enter it, assuming they know it. The only fix for the password prompt I've found is to:

    1) Delete the user's certificate in the management console.

    2) Completely break PCI and ask the user to provide their current domain password. If they give it to you, yell at them for giving it to you and then thank them.

    3) Re-create the certificate with their current password.

    4) Have them sync with Sophos.

    5) Force them to change their AD password.

     

    I still have multiple hosts with orphaned packets that never send. Sophos said there is currently no fix for this but that it shouldn't impact performance. I've tried entirely uninstalling SafeGuard including the pre-install, decrypting the laptop, and deleting any left over folders/files from Utimaco/Sophos, rebooting and re-installing and I still see the unsent packets.

  • Hi steven,

    Thanks for your effort

    Actually this is new NB and it doesn't have user yet in the user tab

    I'm just curious with the sgnstate that shown no product installed in the product version which ia usually show the client version, i think this causing the client cannot communicate with the sgn server