Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 5364 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SGE 6 on standalone laptops

colinh

My client (a financial advice charity) has a number of laptops used by volunteers working from home.  As these laptops contain client personal and financial data, they need to be encrypted.  I have installed the SGE 6 Policy Editor on a computer in the office (actually a server) and created the configuration file.  My question is about the client laptops.

These laptops will never logon to the domain directly (from within the client’’’’s office).  The users logon locally (from their own homes) and then access the client database via RDS (RemoteApps).

When I installed the first laptop, I didn’’’’t realise that the first logon is captured and is always there.  This is not what I need as the provided laptops may be assigned to different volunteers and some actually belong to volunteers.

Is the best way to do this to have a two stage logon, i.e. to logon via the SGE POA and then logon to their computer locally? In that case, is it best that I create a username / password for the device rather than the person?  Should these be POA users or Service Account list users?  How do I get over the issue of the first logon being captured by POA and being ever present?

Or am I looking at this the wrong way?

Thanks

:35159


This thread was automatically locked due to age.
Parents
  • 0

    Hi RGBE

    This is very helpful.  However, I am still a little unsure about how to proceed, as the POA will intercept the user logon and use that as the primary POA logon, regardless of what POA Users I have setup in the configuration package.  

    So, I have configured a new laptop and set the username as the person who will be the primary user.  As soon as I install SGE, it will intercept the user logon and make that the primary logon to SGE.  So far as I can see, there is no way to stop that logon name appearing in the POA dialog on bootup.  

    I thought about creating a new user with a device specific name and password and deleting any other user accounts on the laptop.  Would that work?

    How have you resolved this?

    Thanks

    :35219
Reply
  • 0

    Hi RGBE

    This is very helpful.  However, I am still a little unsure about how to proceed, as the POA will intercept the user logon and use that as the primary POA logon, regardless of what POA Users I have setup in the configuration package.  

    So, I have configured a new laptop and set the username as the person who will be the primary user.  As soon as I install SGE, it will intercept the user logon and make that the primary logon to SGE.  So far as I can see, there is no way to stop that logon name appearing in the POA dialog on bootup.  

    I thought about creating a new user with a device specific name and password and deleting any other user accounts on the laptop.  Would that work?

    How have you resolved this?

    Thanks

    :35219
Children
No Data
Unfiltered HTML