This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SGN user shows logged on from cold boot Windows 10 1709 problem

Bit of a weird one. Clean install Windows 10 Pro build 1709 16299.64   SGN 7.00.2.35 encryption on a standalone config. When turned on, the welcome screen shows the SGN cog with logged on underneath. Sometimes says Locked also. Log into windows and presented with the log onto Sophos prompt. Log in, all is ok. Sign out and SGN screen normal again. Reboot and same thing over again. Does the same with ver 8. Only happens on 1709. Anyone else having issues with 1709?



This thread was automatically locked due to age.
  • I think you'll need to be using a updated client for 1709, not version 7. I use 8.00.0.251 here with 1709 and it works fine. I don't believe 7 is compatible with 1709 so you'll have to use 8.00.0.251. Is it that version you tried?

     

    https://community.sophos.com/kb/en-us/124771

  • Hi Michael, thanks for the reply post. Tried this on version 8.0.251 and 7.00.2.35. Only windows build has changed. These versions worked no problem on build 1703.  Although a slightly different problem on machine startup with 8, windows welcome/logon screen hides login credential fields sometimes and after rebooting shows credential field but is shown as locked. You can log in and will be presented with the Sophos logon screen. Once logged in, if you sign out login screen is correct. Also when you get the first welcome screen after boot with the error screen, if you choose to shut down you get a message saying If you shut down now, you and any other person using this PC could lose unsaved work. I am not logged in but either windows or Sophos seems to think so. Here are some screenshots.

          

    These are all from cold boot. I'm getting reports now from others in the company experiencing the same thing.

    Regards Graham

  • The third screenshot is expected behaviour if Windows didn't pass on authentication to the SafeGuard client. This happens if you log in without using the Sophos tile/cog/provider on the Welcome screen, but if you say it isn't there....

    You should be logging out really rather than shutting down while logged in, but I appreciate this isn't the "norm"!

     

    Have you done a clean fresh build here on an in-place upgrade?

  • The third screen is a result of logging in from the cog on the second screen. They are all new (clean) installations. I wondered if a policy change for the configuration package standalone may be required, so went through all policies and the only one I found was the auto log onto windows for general settings Challenge / Response (C/R) Allow automatic logon to windows but alas the result is the same. Think that is mainly for the POA on windows 7. No effect on w10.

    It must be passing on authentication somehow as the screen reads logged on/locked on welcome screen. Must be a policy setting somewhere.

  • Hi Graham,

     

    we've the same problem as you described above.

    Just some of our Windows 10 1703 clients are affected. Fresh installed clients are never affected.

    I've updated SGN to 802 and the Client to 8.00.5.16 --> Just Patch 18 for Windows 10 1803 is missing.

    Have you found a solution for the issue??

     

    Thanks.

  • Hi Seb - Sorry top Graham for not responding to him, but I can ask you the same question...

     

    Do you leave the PC at the welcome screen/logging in screen for a while before logging in? It could be the PC is booting too quickly for the Sophos client to catch up and get the authentication. This was a known issue when initial user sync was done.

    I don't know if you've read it but it does make interesting reading. There's quite a few known issues/limitations

     

    https://community.sophos.com/kb/en-us/122335

  • Hi Graham,

    I assume we´re talking about a workgroup client here, correct?

    In that case you should try disabling the "improved boot up performance" feature which was introduced with 1709.

    You can find the option here:  Settings| Accounts|Sign-in options| Use my sign-in info to automatically finish setting up my device after an update or restart

     

    Hope that helps!

    Cheers

    F.

  • Good call - I forgotten about that!

  • Our Clients are Domain joined Systems.


    We have this behavoir just with some Clients. We're in preparation to upgrade Windows to v.1803. I hope that our issue is fixed with the new release.

    Furthermore I've checked all Systemrequirements and dependencies. I "think" all should be fine. If upgrading Windows didn't solve the issue, I have to open a Support case.