This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't add second user to login at POA

I'm not able to add a second user to login at POA.

I've tried following the steps here: http://www.sophos.com/en-us/support/knowledgebase/107857.aspx

but the login fails whenever any user other than the administrator tries to login at POA.

I am using the SafeGuard Enterprise credential provider to login to Windows, after logging into POA with the administrator account. Whatever user I login to the Safeguard credential provider it works fine, but they never gain the abilitiy to login at POA and I've tried several different computers.

I obviously don't want to give out my administrator password for the users to login.

Also, I've created accounts in the POA domain, which works, but the users have to change the domain every time as the POA domain never "sticks" and I can't find a way to do that.  If it could just remember the POA domain, that would be great as well.

I'm using version Safeguard Enterprise 6.00.1.13

Thank you!

:43943


This thread was automatically locked due to age.
  • I assume this is a managed enviroment where there is a guest user or SGN_user or a SGN_owner. Or is it a standalone?

    I actually have answered this question in a post before in regards to a managed enviroment it works for me when I add users this way hopefully it works for you:

    Its actually very easy and not very complicated. In SafeGuard manager center, locate the computer you are looking to have more than one user on. once you have that computer up in the main viewer located the tab "Users". You will notice that on that Tab to the right there is a smaller Tree Directory called "Available users" locate the user you are trying to add in addition. once you have found them ( and you can use the search function to do that) click on the name so that it is highlighed, then drag them into the user box which is the to the left of that tree directory. Once they are in the list as a user, you will notice a "?" under "Can Become Owner" click that "?" so that it turns into a green check mark. 

    Once you have done that click the save button up in the left hand corner and it will save that information for that machine. Now go to that computer and sync the system with the server so that it can reach out to grab that information. once its has successfully sync'd with the server. Log off the user DO NOT RESTART the cache where users are stored does not have everything it needs just yet. have that person you just added to be a user for that computer log in. check the Sophos status and make sure it sayd SGN(user) the owner should have SGN(owner). as long as you see SGN(user) then they should now be able to restart the machine and log in via the sophos screen. 

    Let me know if you still have issues or questions I am willing to help as much as possible.

    :43997
  • Yes, this is a managed environment.
    The Available Users tree doesn't have any users and I can't figure out how to add a user.  Everywhere I want to add a user that option is greyed out.

    Thank you!

    :44177
  • Do have the ability to see your domain in the managment center? your users should have been grabbed from AD.

    :44229
  • Be aware that adding users to POA through the Management Center is only successful if the user already has a valid user certificate - in other words they have successfully registered to a POA.

    To add a new user to a POA on a machine, your policy needs to allow user assignment.
    Then you do the following:

    1) turn the machine off - it needs to go to cold ram
    2) turn it on
    3) at the POA, uncheck the passthrough to Windows box in Options
    4) log into the POA with the account that is owner of the machine
    5) the next screen will be the Windows Credential Provider - log in with the new account you want assigned (do not sign in with the account you used at the POA - this will invalidate the process)

    This process will register that new user account to the machine and create a user certificate for them. After this, you can assign them out to other SGN machines through the Management Center.

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.