Deactivated but still in protected Status question

  • 22 April 2015
  • 5 replies
  • 141 views

Hi,
 
I need to know if there is any way that the client or admin can  have an alert that they are not being protected when they are deactivated.
 
Recently I've had a client that was deactivated after a computer swap (This is because the computer was seen as "Not seen recently" for over several weeks.  Therefore we deactivated the client in order to free up seats.  The computer was then prepared for another user.   After the computer was prepared with the same computer name I found later that the status on the newly imaged computer was still set to deactivated after the reinstall of webroot, but the status was protected.  this user recieved a virus before I was able to reinstall webroot and reactivate his client.
 
Currently there is no way to know (Alert, log, or message to client) that a client is Deactivated but showing the status of protected without looking specifically for this situation.   And for our current business size this can be dangerous for users.   Is there any way to have this functionality added so that we can identify when someone is using a computer that may have been deactivated but should be active and protected.
 
-The fact that a deactivated client is still in the protected status doesn't make sense, so shouldn't there be something that alerts you of this negating status?
 
Thank you for your time,
 

5 replies

Userlevel 5
Hello,
 
The back end identifiers are based off the Microsoft Security Identifier (SID) so if that changes, usually though re-image or sysprep, then the machine will get a new instance in the account. If the SID has not changed then it will sync up with the existing instnce in the account. 
 
You can force a new instance to show up using the deployment swtich -clone.
Hi JohnnyS,
 
I appreciate your quick response.   the issue we are having is not being aware when a client is deactivated, but is in protected status.   We need a way of knowing when this is occuring, because recently someone under these circumstances were on a computer that wasn't being protected at all and recieved a virus.   In other words we need a way to know when this happens so that we can react before any issues occur.
 
Is there anyway to have webroot alert either the enduser or in the console when this occurs.  Because of the unusual state I would think it should be possible, I'm sure a deactivated client should not have the status of "Protected" if I am understanding how the deactivation process works"   If not I need to find a way to make this possible. 
 
Our client unfortunately suffered an attack that resulted in identity theft and we would like to have the ability to identify issues like this beforehand and proactively correct any errors.
 
Any assistance you can offer is greatly appreciated, and I appreciate your time.
I'm curious to see a response to this as well.
Userlevel 5
"the issue we are having is not being aware when a client is deactivated, but is in protected status.   We need a way of knowing when this is occuring, because recently someone under these circumstances were on a computer that wasn't being protected at all and recieved a virus."
 
This is expected, if a machine is in the deactived group it is assumed uninstalled.
 
Don't ever rely on a machine in the deactivated group to be "Protected" even though it says it is.
 
Though the machine may be checking in it may not be populating the console with data properly.
 
Maybe I'm still missunderstanding your problem.
Hi.
 
We would like to be alerted when a client is in this status.   Having to look for computers that are showing a status of Deactivated, and Protected is time consuming.   So we would like to know if there is a way to setup Webroot console so that it will either send a log of computers in this status weekly/monthly, or alert either the user/ manager when a client is in this status specifically (Deactivated/Protected).  The method doesn't matter as long as there is a way for Webroot to let us know when it happens.
 
My understanding is that no computer should ever be labeled Deactivated/ and Protected,  but because this seems to occur we would like to be alerted when it happens so we can rectify the situation.
 
I do apologize if I'm causing any confusion with my post in advance,
 
 

Reply