I am trying to configure host check to evaluate policies.
Everything seems to be OK except SA does not show any custom redemiation page when a pc fails to comply with host checker policies. are anabled under the policy. What can be a problem?
Thanks a lot!
I hope you have found a solution, but I did want add to the thread because I believe I understand the issue after responding to another thread. If you are utilize the custom experience for hostCheckerPolicy to map to a specific role for a pass and fail scenario, this issue would occur. Since the SA is making the decision for the end user, no remediation page will be displayed.
I was able to get the remedation page to display if I mapped the user to the same role (both pass and fail). In the pass role, host checker was required. In the fail role, host checker was not required. Since the end user is mapped to both roles, the SA will prompt with the remediation page which will give the end user a chance either to resolve the issue or continue which they will only be mapped to the failing role.
I hope this helps.
It sounds like you have everything you need. What appears on the screen when HC fails? What version of the SA software are you running?
Absolutely nothing a user is forwarded to login page as usual. But in logs I can see that a user fails to comply with a security policy. Hostchecker popuop windows in notification is there.
7.2R8 (build 23551)
I tried replicating the issue in 7.2R8 and could not see the issue. I did find a previously reported issue with similiar symptoms, but this was under the scenario they were trying to send SSO data to the SA device. Could you give more details how the SA device is configured and if there are any special circumstances I should be aware of?
Under User Realm - Authentication Policy - Host Checker I checked Evaluate ALL Policies
Endpoint Security - Host Checker I have configured 2 policies for example one is Antivirus Policy
Then under the Antivirus Policy I have created a rule to check Antivirus existance
A also selected and wrote a custom message.
But this message is not being shown before login screen to users who do not meet the antivirus requirements.
If I apply this under User Role not User Real the custome message is displayed but in this case they are not allowed to login as long as their PC do not meet the policy requirements.
I am not able to replicate this issue in the lab per your description. Can you please open a JTAC case and provide a copy of your system and user configuration? This will help speed up the replication process and resolution time.