Encryption – SSO advice for a school using domain & local users

If your users use a domain user at school and a local user at home when logging onto their laptop they face the following issues…

Background:

The first ever time an encryption user logs onto the system the software will capture their Windows username and password for the SSO (Single Sign On) functionality.

This means that the next time they log onto the device it will attempt to automatically log them onto Windows with that information.

Issue:

In the situation where your users have domain accounts at school but use a local user away from the school network they will have problems with the SSO credentials constantly being changed for their account all the time.

This means they will still need to remember the windows credentials as well as the new encryption credentials making the situation more complicated.

Recommendations:

  1. Consider using Roaming Profiles on your domain
    1. http://en.wikipedia.org/wiki/Roaming_user_profile
    2. http://technet.microsoft.com/en-us/library/cc738596(WS.10).aspx
    3. ScoMIS offer technical consultancy which could assist with this , contact the Service Desk if you would like more information.
  2. Log a call with the Service Desk quoting this FAQ, ask to have the SSO functionality disabled for your school following http://faq.scomis.org/kb1679/
    1. This is not recommended because the users will have another log in to remember but is possible if you prefer

Related:

http://faq.scomis.org/kb1088/

http://faq.scomis.org/kb1080/

 

Reviewed 09/02/2015

Posted in Encryption, Services, Support and tagged , , , , , , , , , , .