We have not upgraded any of our Sierra machines to High Sierra yet but Apple finally started shipping macbooks with High Sierra and now we're trying to install safeguard 8.0.3 on our first HS machine and we're getting an error after we drag the client configuration zip file. Please see the picture for the error. I spoke to sophos support. I was told that there is an issue with Apple and AD sync which is causing this error. I find it hard to believe that I'm the only one who has report this issue so far. I'm able to install safeguard with a local username that's not a domain account.
Safeguard Management Center Version 8.00.2.16
Machine OSX version 10.13.2
Safeguard Client version: 8.00.3.9
Cert is SHA2 256
Installing as domain user
Filevault is not enabled
We have the same exact setup (SafeGuard and domain users). I'm just starting my testing of the High Sierra SafeGuard client for the same reasons that you are. I'll report back with what I find.
I did find, however, how you can get Sierra on those newly APFS formatted Macs with solid state drives:
This article explains how you can delete a APFS volume, recreate it as JHFS+, and then you can image or install Sierra as you normally would.
I setup two test machines and have had no issues so far. Our certs are still SHA1 for what it's worth.
I assume the domain account has a mobile account? I want to say that's required to kick off encryption or that account cannot be added to the list of users that are allowed to unlock the system at boot.