Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Premysl_Vresky
Contributor

What information is written in preboot?

What information is written in preboot?

Hello.
Should I ask what information, in addition to my name and password, is written in preboot?
This is a domain computer.

I have an interesting situation here: my colleagues transferred computers from one container to another in AD.
it means policy change and also another Folder Redirection.

There was a problem with encrypted computers.
Normally, the user logged on to the preboot, but he did not have a login to Windows.
It was left hanging on this screen: (Welcome)


Fortunately, the client was communicating with the server so it was enough to shut down the preboot and the computer was running normally.

I'll examine it tomorrow ...
What effect can preboot have on logging in to Windows, except for your username and password?

some idea?
4 Replies
PhoneBoy
Admin
Admin

Each computer has assigned to it the users that can log in at preboot.

I assume, in addition to the username/password, we're also storing the SID of the user.

It sounds like what you did was move the user to a different part of the AD, which may have changed his SID.

In which case, trying to login with the pre-boot credentials would fail.

I think you can fix this by reassigning that user to the computer as allowed for preboot.

0 Kudos
Premysl_Vresky
Contributor

I have information from colleagues that the SID has not changed 100%
Today I'm going to be part of testing, I'll try to disable SSO on this computer.

I'm trying to understand exactly what happens when I login to windows with preboot data

0 Kudos
Robert_Granlof
Employee Alumnus
Employee Alumnus

The information provided from preboot is domain, username and password. This information is used in the Check Point credential provider to perform a Windows autologon if SSO is enabled.


When the “Welcome” message is shown, the user information has already been set in the credential provider (from preboot data or manually entered) and the sign-in process has been started. Normally when having any kind of problems at sign-in there can be a time-out but it should be followed by an error message (for example if there are problems getting hold of the user SID or using wrong credentials).

I did not manage to reproduce the problem you are facing. If you have not found a solution to the problem I suggest that you open a Service Request so we can do a deeper analysis of the problem.

Premysl_Vresky
Contributor

thank you for answer. I have both decrypted and encrypted both computers. Unfortunately, it was not time to investigate more in this case. If there is another such case, I will create a ticket and analyze it.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events