We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using twitter.com. You can see a list of supported browsers in our Help Center.
Terms of ServicePrivacy PolicyCookie PolicyImprintAds info © 2021 Twitter, Inc.
To view a SAML response in Chrome
Please note you may need to adapt these steps accordingly with future browser updates.
To view a SAML response in Firefox
Please note you may need to adapt these steps accordingly with future browser updates.
To view a SAML response in Internet Explorer
The best way to analyze network traffic in Internet Explorer is through the use of a third-party tool. Follow these steps on Microsoft Technet to download and install Fiddler to capture this data.
To view a SAML response in Chrome
Please note you may need to adapt these steps accordingly with future browser updates.
Once you find the Base64-encoded SAML response, copy it and paste in your favorite SAML decoding tool to extract the XML tagged response.
| Note: Because the SAML response may contain sensitive security data, we recommend you do not use an online SAML decoder tool. Instead use the built-in options below. |
|---|
PS C:> [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("encodedSAMLtext"))
$ echo "encodedSAMLtext" | base64 --decode
Issue:
User has Symantec DLP Endpoint Prevent installed. He goes into Safari preferences>extensions and enables the Symantec DLP browser extension. 15-20 minutes later, he will receive the reminder to enable the Safari extension again. He goes back into the Safari preferences and the extension is disabled again. He will reenable the extension again until he eventually quits using Safari. I’ve uninstalled and reinstalled the endpoint agent. Besides altering the notification settings, does anyone have suggestions on how to resolve this issue? The extension notification settings are currently set to default.
Symantec DLP Endpoint Prevent 15.5 MP1 & MP2 (Tiried two different versions)
Workstation: Mac OS X 10.14.6
To begin using ShareConnect, you must install the ShareConnect desktop app to turn them into remote computers for your ShareConnect account. When you install ShareConnect on your Mac, the installation package (including applications and plugins) will be downloaded onto your computer. By leaving the applications installed and the plugin enabled, you can avoid the extended download process if you need to install ShareConnect once more on your Mac.
Note: These instructions apply to Mac customers only; also see Install ShareConnect on Windows.
The installation package includes the following components:
1. Click the Add This Computer button to initiate the software download.
Once the web browser launches, you will see the following:
- If the Launcher application is not installed (either first time joining or it was removed), then the Citrix Online Launcher.dmg file will automatically start downloading. Continue to Step #2.
- If the Launcher application is already installed, then the web browser will automatically start the Launcher app, which will then launch the ShareConnect application (or install it again, if needed).
- Apple Safari
Double-click the “Citrix Online Launcher” file in the browser’s Downloads window
- Mozilla Firefox®
Select “Open with” then click OK when prompted (click restart the download in the browser window if needed).
- Google Chrome™
When the download finishes, click Citrix Online Launcher file.zip at the bottom of the page to open the file (you may need to refresh the page and/or click download & run ShareConnect).When the Citrix Online Launcher window opens, double-click the Launcher icon
4. You will see a message noting that “Citrix Online Launcher” is an application downloaded from the internet. Enable the “Don’t warn me […]” check box, then click Open to continue. The ShareConnect application will then finish downloading and you will need to follow the instructions on the screen to finish installation.
Make sure that you enter your email address associated with your ShareConnect account to register your Mac as a new remote computer! You will now see the ShareConnect icon on your Menu bar.
Desktop (Windows, Linux, Mac)
Mobile Devices
1. End users (Signers and Senders) using very old browsers.
2. Partners and customers who are utilizing the RightSignature public API.
TLS stands for “Transport Layer Security”. RightSignature, like many web-based services, uses it to secure communication between external applications and the RightSignature API. To further strengthen the security of your documents and data, the RightSignature API will no longer support TLS 1.0 or TLS 1. 1 after May 31, 2018.
End users (Signers and Senders) should use following browser versions or newer:
Partners should contact their IT department, and ensure that they’ve enabled TLS 1.2 for connecting to the RightSignature API. This applies to all private, public, and partner applications connecting to the the API.
For more information on the risks and deprecation of TLS 1.0 and TLS 1.1, check out this blog post.
For questions related to the RightSignature API, visit our Customer Community.
This article provides information about support for MacOS 10.15 Catalina, as well as known issues. It is highly advisable to read the known issues as there are several unavoidable issues in this OS release.
Apple has new enforced per application permissions in this version. Some permissions (such as user folders) will present a pop-up notice to the user to allow access, however for system level access, no notification is presented by the OS. Several Sophos services require this system level of access in order to detect and clean threats. This means that Apple will not notify users if these issues are being experienced.
All of our applications and installers are 64-bit, and will not be limited by Apple’s 32-bit restriction.
The following sections are covered:
Applies to the following Sophos products and versions
Central Mac Endpoint
Sophos Anti-Virus for Mac OS X
Operating systems
MacOS 10.15 Catalina
With the release of macOS 10.15 Catalina, Apple has added additional security lock downs to the operating system, including per application disk access lock downs. This results in several large impacting issues that must be corrected for full protection. Please see the Known Issues section below for full details. It is not recommended upgrading to 10.15 until your organization has a transition plan in place.
In order to support macOS 10.15 Catalina, Sophos Endpoint 9.9.4 or above is required. Earlier versions will run if present during an upgrade, but are subject to the same known issues below, but not all permissions can be added (SophosServiceManager and SophosScanAgent cannot be added with 9.9.3), 9.9.3 and below will not install on a 10.15 system, and Central clients 9.9.2 or below will fail to communicate with Central until they update.
Sophos released 9.9.4 to Central in September 2019. 9.9.4 is also Preview subscription for Enterprise Console customers as of mid-September 2019.
For both Central and Enterprise Console, 9.9.5 releases in mid-October 2019 (to Recommended and Preview for Enterprise Console), and includes permissions popup to make installations a bit easier.
Apple has locked down the following User Folders in OS 10.15.
The agents will need to be added to the Full Disk Access area of security and privacy, unless otherwise noted.
The following issues will be experienced after upgrading to macOS 10.15 and before applying the corrective steps.
The following can be performed on OS 10.14, before upgrading to 10.15, or after 10.15 has been installed. The only exception to this is SophosServiceManager, which can only be added on 10.15.
Note: The tool “sweep”, which is /usr/local/bin/, cannot be added via this method as it is not a .app. It will prompt the user the first time the tool is run in order to be allowed. It will only be called if you are using it via command line.
Using an MDM solution like Apple Profile Manager, or JAMF, you can add permissions in TCC to allow these processes. Visit the following kba articles for further instructions:
KNOWN ISSUE: “Full disk access required” message displays on Catalina when using an MDM solution with the correct access (with Sophos 9.9.5). Please see this KB134833
If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.
This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
There are some generic rewrite policies which support the following platforms:
List of generic rewrite actions
List of generic rewrite policies
If the above expression does not work,change it to:
(HTTP.RES.STATUS.EQ(302)) && (HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“iPad”) || HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“Safari”) || HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“iPhone”)) && HTTP.RES.HEADER(“Location”).CONTAINS(“/site/launch.jsp?CTX_UID=”)
If the above expression does not work,change it to:
HTTP.REQ.URL.SUFFIX.EQ(“ica”) && (HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“iPad”) || HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“Safari”) || HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“iPhone”)) && HTTP.REQ.URL.PATH_AND_QUERY.CONTAINS(“/site/launch.ica”) && HTTP.REQ.HEADER(“Cookie”).CONTAINS(“JSESSIONID=”)
It is recommended to use the iOS URL (platform = iOS).
Safari on iPad devices, now reports itself as a macOS device.
Citrix Endpoint Management site has no option to redirect to the correct iOS site, before the browser will redirect to the right web page. As a result, the wrong profile is downloaded.
When enrolling an iPadOS device using the iOS URL (i.e. https://serverFQDN:8443/instanceName/ios/otae), the following message will be displayed. Please ignore the message and enter credentials to enroll
Note:Enrolling using OTA URL is not supported anymore for iPadOS and iOS (only for macOS)
