The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
When attempting to connect a remote enterprise console from a trusted ( 2way ) child sub domain you have an increase in token size because of the additional active directory information, causing problems when authenticating across domains.
The SEC remote console for example would fail to open throwing the following error:
Error in the Client Console Fatal Log:
Console Fatal: No sub-estates are assigned to this user ----- [outer exception] ----- -- error: 0x829E002C -- facility: Sophos Management Service Exception
First seen in Enterprise Console 4.5.0
The problem occurs because the workstation’s Kerberos token size exceeds 12,000 bytes. A parameter set to expand the size of the kerberos token resolves this issue.
To use this parameter:
Following formula to determine whether it is necessary to modify the MaxTokenSize value or not
This formula uses the following values:
In scenarios in which delegation is used (for example, when users authentication to a domain controller), Microsoft recommends to double the token size. Default token size is 12000.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.