Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 5 subscribers
  • Views 13804 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to SGN and it's driving me nuts

bond1973

Hello All,

     This past summer Sophos SGN was thrown at me.  I am so lost.  Called tech support twice and I believe I got the same guy both times that wasn't very helpful, nor could I understand him.  Anyway....so we are running 5.60 and I have a device (laptop) that the wrong person was the first to log into it (why do I bother trying to educate people?), thus the the wrong user is currently the owner on the laptop.  I was able to use recovery and both users can now login through the POA, however Management Console still shows the wrong user as owner.  I would THINK that I could just uncheck the current owner and check the proper one, then maybe right-click and delete the user that shouldn't even be on that laptop, but no.  No such thing seems to work.  What am I doing wrong?  It looks straight forward and easy, but not so much.

     Another thing driving me nuts is I can no longer WOL a device and log into it remotely.  It, obviously, boots up and hangs out at the POA waiting to be logged in through, but none of my remote control methods work until Windows is loaded.  Anyone have a way they deal with this?

     Last...when I AM forced to visit a PC to correct it's issue...if the user isn't around and it's off...I can't log in through the POA without hunting them down and getting their password.  There's GOT to be an easy way to globally set one of our network admin accounts to all SGN protected devices so I can log in through POA with said username.  Any guidance there, and on any of my other issues/gripes, would be ENORMOUSLY appreciated.

    I want to like SGN, but so far it's done nothing but make my job harder and cause me grief.  I'm not ready to even think about what happens when it's time to image all these devices and what's going to happen there...

Take Care

Rick

:17935


This thread was automatically locked due to age.
  • 0

    Hey Rick,

    welcome to the forum and thank you very much for posting.

    Let's see if I can give you some information so that you feel a bit more positive about SGN - all in all its a great product you'll see ;)

    So with regards to your questions:

    1. As already mentioned select the machine > open the users tab and remove the tick at User is Owner > Save > sync the client. The next user that logs on to the machine will become owner of the machine. You can simply unassign every user via drag and drop in that dialog as well.

    2. WOL is a policy setting in SafeGuard Enterprise. Create a new Specific Machine Settings policy and set time and date when the policy should be active, define the number of automatic log on's and before shutting down the machine use "sgnstate.exe -WOLStart" on the client >> at the next reboot the machine will be in auto log on.

    3. SafeGuard Enterprise offers the ability to define user that is distributed onto every machine in the Management Center. If you click on the users and computers tab > left hand pane directory tree you will be able to see the POA user group and the POA user. Simply create a POA user >> Assign that one to a POA group and the centrally assign that POA group in the Management Center to an OU. The user will then be distributed to each machine and is centrally available

    Please note that the above requires to be logged on as MSO to the Management Center and using SGN 5.60.1

    Using that version all should be fine ;)

    Regards

    Dan

    :18229
  • 0

    Thanks very much for the reply Dan.  I will look into those as soon as I can and report back.

    :18231
  • 0

    Pertaining to number 1...I am logged into the Management Center as Admin...I have selected the laptop in question.  On the "Users" tab (next to the "Drives" tab) I show two users.  I was able to get the proper user set as a user (sadly I am not sure how I did it), however the wrong user is currently ticked as Owner.  When I try to click the checkbox (to uncheck) nothing happens.  I guess here lies my first frustration.  I expect it would uncheck and I could then check off the other user as owner and be done.  

    Thanks

    Rick

    :18237
  • 0

    2. WOL is a policy setting in SafeGuard Enterprise. Create a new Specific Machine Settings policy and set time and date when the policy should be active, define the number of automatic log on's and before shutting down the machine use "sgnstate.exe -WOLStart" on the client >> at the next reboot the machine will be in auto log on.

    In reference to this issue...I don't understand what I'm setting time and date for in the policy.  Prior to SGN I could WOL any of our computers, any time of the day, from my couch at home if I wanted and it would allow me in.  What you're describing to me sounds like more of a ... well gives me the ability to reboot and machine that's already on and will bypass the POA, but doesn't allow me to WOL the machine from a down state as it would have been "Shutdown" by the user via Windows shutdown rather than me issueing the command you specified.  If that makes sense...cause I'm not sure it'll make sense to me if I re-read it.  

    I guess I understand I can set it so that I have the option to reboot it via Start/Run and using the command you gave...still not sure what I'm setting time/date for though...

    :18239
  • 0

    3. SafeGuard Enterprise offers the ability to define user that is distributed onto every machine in the Management Center. If you click on the users and computers tab > left hand pane directory tree you will be able to see the POA user group and the POA user. Simply create a POA user >> Assign that one to a POA group and the centrally assign that POA group in the Management Center to an OU. The user will then be distributed to each machine and is centrally available

    On this issue...I currently show no POA users and no POA groups.  We do have this tied in to Active Directory.  Is it possible to just allow one of our admin accounts to this role somehow?

    Was I suppose to get a 3000 page users manual with this thing?  ;-)  haha  So confusing to me right now.  Thanks so much for your assistance thus far Dan.

    :18241
  • 0

    Hi Rick,

    strange....

    1. Open a new ticket and ask one to remote in > I'm 100% sure that this is the way to go - just did that on my machine as well. Maybe you are not using the MSO by accident (MSO account is not related to the AD)

    2. This is not possible any more with SGN. We don't have any option to disable the POA from external as this could cause a potential security risk.

    3. Are you sure you are using the latest version? As mentioned this feature is designed for 5.6x and 5.5x

    Regards

    Dan

    :18257
  • 0

    Dan,

         Thanks so much for your suggestion.  Made the phone call, got someone EXTREMELY helpful on the other end and two of my 3 issues are resolved.  The tech is writing up a document to send me pertaining to my 3rd issue.  Much more pleasant tech support call experience than my prior calls.  Thanks again!!

    Rick

    :18307
  • 0

    Make sure to hit the save button in the console, common mistake new admins make.

    :18335
Unfiltered HTML