05-04-2023 06:07 PM
I upgraded my on-prem installation today to version 10.4.4.4. It's running on a W10 box in an AD OU that has FIPS mode enforced through group policy.
The upgrade ran successfully, but on first login (domain AD authentication) after upgrade the web app would not complete login and displayed an error page.
I analyzed the logs and found an error related to FIPS mode.
This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.SHA512Managed..ctor()
I was able to resolve the issue by temporarily disabling FIPS mode on the Lansweeper server. I was then able to log in successfully. I then re-enabled FIPS mode and Lansweeper continues to operate normally.
This seems to be related to a one-time "first login after upgrade" process.
Hope this helps others why are experiencing the same issue with the latest upgrade.
Solved! Go to Solution.
05-04-2023 07:23 PM
I encountered the same issue when I upgraded our Lansweeper to 10.4.4.4. I notified support and they said it was a conflict with the GPO "System cryptography: Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms."
They've logged it internally as LAN-15110 for a future fix.
05-12-2023 05:08 PM
Unfortunately this solution didn't work for me. Disabling FIPS does work, but once enabled again the same login problem reappears. Anyone have any other solution or do we need to wait for the next update to hopefully fix it?
Thanks.
05-12-2023 06:31 PM
Same here, unfortunately. Mine actually ran OK for several days with FIPS mode enabled after I toggled it off and back on. It stopped working again when the M$ May Update was installed. Now FIPS mode has to be disabled for it to work at all. Hope the fix comes soon.
05-04-2023 07:23 PM
I encountered the same issue when I upgraded our Lansweeper to 10.4.4.4. I notified support and they said it was a conflict with the GPO "System cryptography: Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms."
They've logged it internally as LAN-15110 for a future fix.
05-04-2023 07:32 PM
Yes, correct, that is the GPO.
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
I was happy that the quick disable, authenticate, and re-enable seems to have resolved it. The logs are clean after performing that process.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now