Friday, February 27, 2009

Pointsec Video: Windows Integrated Login

Here is the latest Pointsec instructional video from Black Fist. Today we're going to cover Windows Integrated Logon; how to set it up and what it looks like for your users. It's a short video because it's really easy to do. Enjoy.



Errata: After I finished making this video I realised that I left something out. It doesn't change the process of enabling Windows Integrated Logon though, so I decided not to record the whole video over again. Anyway, I talked about setting Max Failed Windows Logon in the video. I said that when you set that number and a user has that many failed logon attempts then the computer will reboot and force authentication in the Pre-Boot Environment. What I failed to mention is that this functionality is not workin in Vista right now. So if you're testing this out on Vista you might beat your head agains a wall for a while.

5 comments:

Andrew B. Berhow said...

Make sure you don't select "Enable Hardware Hash" as the computer will not use WIL regardless of if no hardware changes have been made (assuming you're doing this on a physical PC and not a VM). It took me a month to finally get Check Point to acknowledge this bug.

lapen said...

Hi,

Thanks for video!!

I have a strange situation with WIL. I have WIL turned on on our machines and just today someone brought this up. apparently they had locked out thier account and were forced to reboot as it should. upon reboot, pointsec attempts to load but after the "Pointsec for pc..." the machine bluescreens and a ***Stop in PSMain*** message shows up followed by error code and stack backtrace...

I was able to replicate this on two machine, one physical and one virtual.

At this point, I have to go thru the painful decryption process. tried their stop error recovery tool to no avail.

any suggestion is greatly appreciated.

Thanks.

Black Fist said...

@lapen
I have seen that error message before, but I have never found a reliable way to reproduce the problem. What I have usually done is decrypted the machine, uninstalled Pointsec and reinstalled. A rather painful process to be sure, but thankfully pretty rare in my experience. Having two machines that are doing that as you describe would make me upset. I wish I had some better advise for you, but I think you're doing all that I can think of for those machines.

lapen said...

@Blackfist

Thanks for the response! Luckily we only have a handful of these and they are rather rare but it still bugs me why this is the case. I'm still investigating the issue. should i come across anything, surely i'll share.

Thanks for the blogs! keep up the great work!

lapen

Anonymous said...

I'm stuck. A user failed to authenticate and now is at the pre-boot screen. I can't login using either of the admin credentials. I tried the admin usernames and the Windows password, but this doesn't work either.