This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't connect to network file share from MacBook Pro after changing Active Directory password

We're using SGN File Encryption on network file shares, and after changing my domain password last week, I can't connect to the encrypted folder anymore from my MacBook Pro only.  I can connect to other shared folders.  And I can connect to the encrypted file share from a Windows computer.  I THINK it's an SGN problem because I'm seeing this in the system.log:

Aug  9 13:03:19 ComputerName SafeGuard:sgd[106]: sgdHandlePoliciesResponse(): Clear existing application based policy - policy=0x0, rsop=FileShareName (I've replaced the actual names.)

However, the above message might be completely unrelated, and caused by something else.  I found https://community.sophos.com/products/safeguard-encryption/f/sophos-safeguard-products/75561/changing-password-on-a-mac-on-an-active-directory-network-with-sophos-filevault-installed, but Step 1 is confusing.  Where do I find certificates in the Management Center?  Or am I supposed to delete the certificate in my KeyChain?

(By the way, we have to change our domain passwords on a specific website in order for all of our connected web applications to work.)

 

Thank in advance for any help you can provide.

Terri

 

P.S.  When I used the FQDN to connect, it worked fine.  I'm not sure why I need it now when I've never used it before, but at least it works.



This thread was automatically locked due to age.
  • Hi Terri, 

    Are you the SGN admin? If so, please follow the steps below:

    1. In the SafeGuard Management Center, the certificate for the user also needs to be removed
    2. Log in with the new password
    3. The user will be asked to change their password
    4. You will be asked to create a new keychain or update the key chain
    5. Select "Create New Keychain"
    6. Delete or rename keyring.plist. from /var/sg/config/Users/username. Sudo rights is needed
    7. Enter the new password to request a new certificate. A new keyring.plist will be created for the user

    If you are not the Safeguard admin, please ask your admin to delete the cert in the management center.

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Thank you for your reply Haridoss, but you didn't clarify step 1 for me.  Yes, I'm the SGN admin, but users or groups are assigned keys, where in Management Center are they assigned certificates?  That's the part I'm confused about.

  • Hi Terri,

    In the SafeGuard Management Center > Users and Computers, locate the user, open their Certificate tab, and left-click to highlight their certificate. Please click here for your reference. 

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Thank you.  This is the answer I was looking for.  I'm new to SGN, and wasn't aware of that tab.