Sophos updating credentials
In this scenario, Windows uses the cached credentials from the last logon to log the user on locally and to allocate access to local computer resources.-From cached credentials allow users to access a machine even when no DC is available to authenticate the user. And since AD passwords generally only change every 30-90 days this is a fantastic method to provide a great user experience in a highly mobile environment.
That is, until the AD credentials and the cached credentials become out of sync.
Yes, this sounds like a bummer but it’s actually a good thing.
- There are no supported scenarios for deploying the client software un-managed.Then all kinds of problems can occur when a user tries to access domain resources and the main problem is repeated account lockouts because the Windows client is passing invalid cached credentials to a domain controller.First and foremost, it’s not possible to reset cached credentials when an AD password is reset.For example, suppose a mobile user uses a domain account to log on to a laptop that is joined to a domain.
Then, the user takes the laptop to a location where the domain is unavailable. - Protect your existing management server with Sophos Central you should first uninstall the previous management and client software before re-installing the Sophos Central endpoint solution.