This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Upgrade issue concerning FIPS mode - v10.4.4.4

Go to solution
TVBanks98
Engaged Sweeper II

‎05-04-2023 06:07 PM

I upgraded my on-prem installation today to version 10.4.4.4.  It's running on a W10 box in an AD OU that has FIPS mode enforced through group policy.  

The upgrade ran successfully, but on first login (domain AD authentication) after upgrade the web app would not complete login and displayed an error page.  

I analyzed the logs and found an error related to FIPS mode.

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.  

   at System.Security.Cryptography.SHA512Managed..ctor()

I was able to resolve the issue by temporarily disabling FIPS mode on the Lansweeper server.  I was then able to log in successfully.  I then re-enabled FIPS mode and Lansweeper continues to operate normally.  

This seems to be related to a one-time "first login after upgrade" process.  

Hope this helps others why are experiencing the same issue with the latest upgrade.  

Labels:
1 ACCEPTED SOLUTION
Go to solution
KevinA-REJIS
Champion Sweeper III

‎05-04-2023 07:23 PM

I encountered the same issue when I upgraded our Lansweeper to 10.4.4.4. I notified support and they said it was a conflict with the GPO "System cryptography: Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms." 

They've logged it internally as LAN-15110 for a future fix.

View solution in original post

4 REPLIES 4
Go to solution
tjernejcic
Engaged Sweeper

‎05-12-2023 05:08 PM

Unfortunately this solution didn't work for me. Disabling FIPS does work, but once enabled again the same login problem reappears. Anyone have any other solution or do we need to wait for the next update to hopefully fix it?

Thanks.

0 Kudos
Go to solution
TVBanks98
Engaged Sweeper II
In response to tjernejcic

‎05-12-2023 06:31 PM

Same here, unfortunately.  Mine actually ran OK for several days with FIPS mode enabled after I toggled it off and back on.  It stopped working again when the M$ May Update was installed.  Now FIPS mode has to be disabled for it to work at all.  Hope the fix comes soon.  

0 Kudos
Go to solution
KevinA-REJIS
Champion Sweeper III

‎05-04-2023 07:23 PM

I encountered the same issue when I upgraded our Lansweeper to 10.4.4.4. I notified support and they said it was a conflict with the GPO "System cryptography: Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms." 

They've logged it internally as LAN-15110 for a future fix.

Go to solution
TVBanks98
Engaged Sweeper II
In response to KevinA-REJIS

‎05-04-2023 07:32 PM

Yes, correct, that is the GPO.

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system... 

I was happy that the quick disable, authenticate, and re-enable seems to have resolved it.  The logs are clean after performing that process.  

0 Kudos

Product Discussions

Share feedback, exchange ideas and find answers to Lansweeper product questions.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now