When you attempt to log on to the SafeGuard Web Helpdesk an error message is displayed:
Logon failed. Please try again
Known to apply to the following Sophos product(s) and version(s)
SafeGuard Web Helpdesk
This message can display for a variety of reasons. Firstly, please check the Web Helpdesk installation guide to make sure all the relevant steps have been followed. If the error still persists, it could be related to the Application Pool identity (if no users can log in), or a user's password being reset in Active Directory (if only specific users are unable to log in). Please see below for more details.
What to do - Application Pool Identity
In Internet Information Services (IIS), the SGNWHD site needs to use the same Application Pool Identity as the SGNSRV. Without this, the Web Helpdesk is unable to authenticate to the SafeGuard database to check user credentials (and therefore logon fails).
- Open Internet Information Services (IIS) on the machine where the Web Helpdesk has been installed
- Navigate to the Application Pools section (under the server details in the left hand tab)
- For the SGNWHD-Pool, check the Identity value - if this is not the same as the Identity value for the SGNSRV-Pool, it needs to be changed
- Select the Advanced Settings for SGNWHD-Pool (right click> Advanced Settings, or from the column on the right)
- Locate the Identity option, and click the ellipsis button
- If the SGNSRV is using a Built-in account, select this from the dropdown. If they are using another account, select the Custom account radio button and click Set. Then enter the User Name and Password for the account.
- Recycle the SGNWHD pool (right click > Recycle, or from the column on the right), to terminate the current process and starts a new one using the updated details.
What to do - Password has been reset in Active Directory
This error often occurs after resetting the users password within Active Directory. The certificate associated with the user is incorrect and prevents logon to the Web Helpdesk. It also prevents access to client computers that have been encrypted with SafeGuard Enterprise (SGN).
- Open the SafeGuard Management center:
- Start | Programs | Sophos | SafeGuard | SafeGuard Management center
Go to the 'Users and Computers' view, select the user that is unable to log into the Web Helpdesk, On the 'Certificate' tab, select the certificate and delete it. Go to the 'Security Officers' view and select the user.
- Log into the Management center with your account
It will generate an error and the user will be removed from the 'Security Officers' view Go back to the 'Users and Computers' view. Right-click on the user and select 'Make this user a Security Officer'. Select the required permissions/roles (ensure that 'Helpdesk' is one of them).
This will generate a new certificate for the user and they will be re-added to the Security Officers list.
The user should now be able to log onto the Web Helpdesk with their new password.
Related KBA: Promoted MSO/ SO cannot log in to the Management center with their new password