Need to force workstation to only allow NT credentials or only allow Novell credentials to unlock Windows NT/2000 workstation.

  • 10059068
  • NOVL34992
  • 08-Dec-2000
  • 02-Feb-2004

Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.

Goal

Need to force workstation to only allow NT credentials or only allow Novell credentials to unlock Windows NT/2000 workstation.

Fact

Novell Client 4.71 for Windows NT/2000

Novell Client 4.8 for Windows NT/2000

Novell Client 4.81 for Windows NT/2000

Novell Client 4.82 for Windows XP

Novell Client 4.83 for Windows NT/2000/XP

Novell Client 4.9 for Windows NT/2000/XP

Fix

Fixed in the Novell Client v4.9 SP1 for Windows NT/2000/XP.

Fixed in the Novell Client 4.83 SP3 for Windows NT/2000/XP

This enhancement has been implemented in the Novell Client 4.80 SP3 for Windows NT/2000 and later releases of the shipping client.  This enhancement was first implemented in LOGINW32.DLL build 29JUN2000 or later post-release build for the Novell Client 4.71 for Windows NT/2000.  

Normally when a Windows NT 4.0 or Windows 2000 workstation is locked (either by pressing CTRL-ALT-DEL and selecting the "Lock Workstation" option or having the "Password protected" option selected on the screen saver), during unlock the user has the option of using either their NT credentials, NDS credentials or bindery-mode credentials (or administrative accounts for each) to unlock the workstation.

The enhancement implements a DWORD flag value named "Simple Unlock".  If not present or set to 0x00000000, the default behavior of presenting all of the NT, NDS and bindery-mode unlock options are presented.  If the value is set to 0x00000001, only the NDS and bindery-mode options are allowed for unlock.  If the value is set to 0x00000002, only the NT option is allowed for unlock.  

[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login]
"Simple Unlock"=dword:00000000

Note

If the "Simple Unlock" is set to allow only NDS credentials for unlock, but then the workstation user logs in "Workstation Only" (e.g. if they're disconnected, on the road, etc.), if the workstation is locked it is now impossible to unlock without simply shutting down.  (Because the unlock was forced to only accept NDS credentials, but there aren't any NDS credentials to match against.)

Feedback service temporarily unavailable. For content questions or problems, please contact Support.