Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 5887 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SafeGuard Authentication Problem

kheiren

Hi,

I have noticed that when I install the Sophos Safeguard DX agent the fingerprint authentication will not work anymore. I tried to remove the fingerprint data and register my fingerprint again but when i tried to restart my computer the fingerprint authentication will not show up instead it will show me to asked my password.

Also while excluding the Sophos SafeGuard agent in authentication provider. once the user is logged on using the conventional authentication provider the sophos agent will prompt for a password. (screenshot attached)

I also noticed that in my thinkvantage fingerprint manager the option to use fingerprint to logon cannot be enabled. even ticking the enable check box but when you save the settings the check box will be left empty again. (screenshot attached) 

i have limited skill set on safeguard. any help would be greatly appreciated. many thanks

 


 

:18579


This thread was automatically locked due to age.
  • 0

    Hi,

    The fingerprint software version in your screenshot is currently unsupported by Sophos...

    To find out the supported versions for the various version of SGN and the OS, please see the following Sophos KB: http://www.sophos.com/support/knowledgebase/article/111626.html

    Also, when downloading the Lenovo fingerprint software you should see a reference in the Lenovo notes about using the correct fingerprint software version...

    Extract from Lenovo website:

    System requirements

    ThinkVantage Fingerprint Software can be installed on any computer with a free USB port running one of the following operating systems:

    • Microsoft Windows 7 (64-bit, 32-bit)

    Administrator rights are required to install or uninstall ThinkVantage Fingerprint Software.

    Note: If using SafeGuard Enterprise (SGN) 5.5 and Windows 7 you should use UPEK FPR SW 5.8.6.6874 instead of 5.9.5.

    First things first...

    1. Clear the fingerprint data in the BIOS

    2. Install the supported version of the Lenovo Fingerprint software

    3. Enable fingerprint support in the SafeGuard policies

    4. Deploy the SGN software to your machine

    5. Logon to the laptop using the Sophos SafeGuard credential provider (shield)

    6. Fire-up the fingerprint software and enroll

    7. Log off (not shutdown or restart)

    8. Log back on with your fingerprint (hopefully it now works)

    9. Restart

    10. Logon at POA using your fingerprint. *

    * Note: You may need to toggle the POA hotkeys to get this working. E.g. Legacy USB (http://www.sophos.com/support/knowledgebase/article/107781.html)

    Regards,

    John.

    P.S. You may want to look at forcing the Credental Providers following the other Sophos KB (http://www.sophos.com/support/knowledgebase/article/114190.html) so that the users can only logon via SafeGuard.

    However in my personal experience I have found issues with IE8 on Windows 7 and NTLM passthrough authentication when following this Sophos guide. I narrowed this down to the {25CBB996-92ED-457e-B28C-4774084BD562} key and did NOT comment out this key.

    :18619
  • 0

    Hi,

    I already installed the version of the fingerprint software advised by below procedure, however the fingerprint is available but the keys and certificate is not initialized or something wrong that i don't know what the reason behind. once i wll check the keys and certificate it will give me an error " The key store is not initialized - please re-login" tried to logoff and logon again using the fingerprint authentication but the same issue. I also noticed that the agent user is grayed out, it will not give me the correct info like sgn guest or sgn owner. 

    your help is greatly appreciated. thank you

    :19411
Unfiltered HTML