"No user logged on at physical console" when bringing up WSS Agent on MacOS
search cancel

"No user logged on at physical console" when bringing up WSS Agent on MacOS


Article ID: 253364


Updated On:


Cloud Secure Web Gateway - Cloud SWG


WSS agent user running on MacOS can authenticate with SAML and browse allowed sites without issues.

Periodically, instead of being asked to authenticate to the SAML IDP server, the user simply sees the following message on the console:

"No user logged on at physical console" 

If you see "Waiting for console user to log in" you should also see "has logged in - continuing CTC" in diagnostic log, which was not the case when it failed.

This should not happen with MacOS as there is always a logged in user on console.

Only seems to happen with a reboot/restart - any RECONNECT always works fine.



WSS Agent 8.2.1

MacOS 12.6


Race condition between console notification thread and CTC module.


Apply WSS Agent 8.2.2

Additional Information

WSS Agent disgnostic info showed the following info when the MacOS user was clearly logged in.

[10-05-2022 17:11:54 (UTC+2:00)]: ---- Starting Service ( ----
[10-05-2022 17:11:54 (UTC+2:00)]: Customer ID: XXXXX
[10-05-2022 17:11:54 (UTC+2:00)]: Tamper protection: disabled
[10-05-2022 17:11:54 (UTC+2:00)]: macOS arm64 12.6.0  machine name: XXXXXX machineID: XXXX-XXXX-XXXX-XXXX
[10-05-2022 17:11:54 (UTC+2:00)]: (Notifier) Using network extension
[10-05-2022 17:11:55 (UTC+2:00)]: Initial routing configuration - traffic to ctc.threatpulse.com now routed through interface with address:
[10-05-2022 17:11:55 (UTC+2:00)]: Waiting for console user to log in   ******  normally see MacOS logged in user info here
[10-05-2022 17:11:56 (UTC+2:00)]: Known proxies:;ep.threatpulse.net:80(N);prxcagip.zoe.gca:8080(N);
[10-05-2022 17:12:03 (UTC+2:00)]: CTC Response: ACTIVE(PRECHK)  egress:  GFRPA-  GBEBR-  GNLAM-  GDEFR-  ******  manually reconnected 30-40 seconds later and all worked fine.
[10-05-2022 17:12:32 (UTC+2:00)]: Manual reconnect to WSS initiated