PLEASE READ Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for the latest updates.
Local Self Help was enabled for all SafeGuard Enterprise Device Encryption Clients. Is it possible to verify which users have Local Self Help already activated?
First seen in SafeGuard Management Center / Local Policy Editor
The status of Local Self Help (active/inactive) for each SafeGuard Enterprise Client / User is not stored centrally in the SafeGuard Database and can therefore not be verified directly.
Verifying the Local Self Help status for every SafeGuard Client / User is currently not possible. As a workaround, the dbo.EVENT table in the SafeGuard Database can be queried using the following SQL SELECT statement to verify which SafeGuard Client / User reported the activation of Local Self Help:
SELECT EVT_ARG_1 As [Username], EVT_ID, MAX(EVT_LOG_TIME) As [Latest LSH activation date], EVT_MACHINE_NAME, EVT_MACHINE_DOMAIN FROM dbo.EVENT WHERE EVT_ID like '3035' GROUP BY [EVT_ARG_1], [EVT_ID], EVT_MACHINE_NAME, EVT_MACHINE_DOMAIN
The following Local Self Help (LSH) events can be set in the 'Logging' policy in SGN 6.x, the output and saving location for the logged events can either be the Windows Event Log of the endpoint or the SafeGuard Enterprise Database:
Client 3030 User has changed his LSH secrets after login.
Client 3035 LSH was activated.
Client 3040 LSH was deactivated
Client 3045 LSH is available - Enterprise Client
Client 3046 LSH is available - Standalone Client
Client 3050 LSH is disabled - Enterprise Client
Client 3051 LSH is not available - Standalone Client
Client 3055 The QST list (LSH questions) was changed
For further information, please refer to the 'SafeGuard Enterprise administrator help' guide, section 33: Reports.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.