Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 2094 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safe Guear Enterprise

Techdude0912

Has any body seen this

we are attempting to encrypt a hdd on a Dell Optiplex 360 running Windows Xp w/ SP3 , What happens is it appears to load and reboot twice to perform the scandisk and load the SGN Kernel component and after the third reboot. The user logs in and right clicks on the icon (key hole) and received this error message "Your user account is currently not assigned to this machine. Only users who are assigned to this machine can create a local key".

Any assistance would be appreciated.

:276


This thread was automatically locked due to age.
  • 0

    Hi Techdude0912,

    did you ensure that the initial user synchronization is completed on the machine? Normally u can verify this using the SGN Tray icon> right click > status


    Besides this maybe the RSOP in the Management Center can give you some further info with regards to this :smileywink:

    Regards

    Dan

    :342
  • 0

    TechDude0912,

    The user won't be able to create a Local key until they have a certificate assigned to their SGN user object which gives them access to their key-ring.

    You should troubleshoot the issue starting with the Client Configuration MSI and the Primary server configured in that MSI. Is it configured for NetBIOS name, IP or FQDN?

    Also here are some other troubleshooting tips:

     - Can the client ping the server?

     - Can you open a web browser to http://<server_name>/SGNSRV ?

     - Does the systray icon status show it's connecting to the server?

     - Does the systray icon status read that the 'Initial user syncronization is complete'?

     - Based on your error message, do you have the Policy Item category called General Settings configured to 'Only assigned user may logon' to 'Yes'? If so, change it to 'No', sync up the policy change, log off and try again.

    As a side note, it's still possible to get the drive encrypted before the user is assigned because Device Protection policies common settings for FDE are computer policies and do not require user authentication to be applied as long as you are using the 'Defined computer key'.

    Let us know in the forum how it turns out or if you have any additional questions.

    Best regards,

    Dave

    :409
Unfiltered HTML