ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Feature Request: When using Symantec Endpoint Encryption 11 mp 2 Single Sign On password sync does not work if UPN differs from domain login.

book

Article ID: 161476

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

If UPN is being used and it differs from the existing domain name, password synchronization will fail. UPN support requested for differing domain names.

Resolution

Support has worked directly with Product Management and has determined this feature will not be included at this time.  Please subscribe to this article for any updates.  To be added to this Feature Request, please contact support who will track specific customer requests therein.

 

 

Applies To

 

 

 

Reproduced the behavior on SEE 11 with the following steps:

 

1. Added to an existing user named user1 (domain: SEE) an UPN which is [email protected]
2. On an endpoint encrypted with SEE 11, verified the current list of registered users. The user1 user is present on the registered users list.
3. Logged off as user1 from the endpoint and logged in as [email protected] with the same password as user1. The login completed successfully.
4. Registered [email protected] with the following command:

eedAdminCli.exe --register-user --disk 0 --user [email protected] -p user1pass --domain SEE --sso --au Cadmin --ap examplepassword

5. Verified and confirmed that the user was properly added to the disk. Rebooted the machine twice and verified login to BootGuard both as user1 and [email protected] SSO works for both users.
6. When logged in as [email protected], change the password to newuser1pass via Ctrl+Alt+Del. Logged off from Windows and logged in again with the new password, confirmed it is working.
7. Reboot the machine and attempt to log in to BootGuard as [email protected] using the newuser1pass password. This does not work. The old password - user1pass - works fine, however SSO is not functioning properly as Windows passphrase is different now.
8. Reboot the machine again and attempt to log in to BootGuard as user1 using the newuser1pass password. Successfully login with SSO directly to Windows.