Environment
Novell ZENworks 7 Desktop Management Support Pack 1 - ZDM7 SP1 Desktop Management
Situation
PROBLEM STATEMENT: In the DLU policy they enable the Login Restrictions box to
restrict DLU on certain machines, it causes the DLU not to work at all.
PLATFORM / CONFIGURATION:WinXP
ZDM 7 HP 6
Client + Agent ZDM 7 SP1 IR1
NetWare 6.5 backend
STEPS TO REPRODUCE (Enough detail to create a test case):
a. Setup a DLU policy, associate a user from a user group to it.
b. Check the Enable Login Restrictions check box and not the Ristrict
Unregistered workstations check box.
c. Make the user a member of the users group.
d. Try and login to the workstation and you should only get one login and the
profile should be created.
RESULTS: DLU does not work. They login to the NWGina, and then the Microsoft
login appears.
EXPECTED RESULTS: DLU should work and they should have to login only once.
DOES THE BUG OCCUR IN ANY OTHER PRIOR PATCH (HotPatchx, SP, or FCS)?: Unknown
WORKAROUNDS / COMMENTS: no workarounds other than disabling Login Restrictions
Resolution
It looks like we may have identified what is happening. It looks
like it is a reference problem with Edir 8.7.3.x. This is
fixed with eDir 8.82. ZDM 7 is supported on eDir 8.82 with
the latest updates, so if you are able to update ZDM, then update
eDir to 8.82, that should fix this issue. You also can try to
run a repair to see if that helps on 8.7.3.x code. It has
helped in some cases and not others.
Status
Reported to EngineeringAdditional Information
The way it affects the DLU user is like this..
When the DLU policy package gets created with login restrictions enabled, we add workstation object(s) in the list of included and excluded workstations. This package then gets associated to the users. At this time, afaik, e-dir should create a back-reference to the workstation object(s) and the user as well. But sometimes (I should insist the randomness here) this reference creation fails. If this reference is not created then the ZDM code cannot find the workstation in the list of included as well as excluded list of workstations or containers. This then causes the isComputerRestricted method to return true since that is the default behavior. If a workstation is not found on list of included workstations or excluded workstations then access to that workstation is restricted.
When the DLU policy package gets created with login restrictions enabled, we add workstation object(s) in the list of included and excluded workstations. This package then gets associated to the users. At this time, afaik, e-dir should create a back-reference to the workstation object(s) and the user as well. But sometimes (I should insist the randomness here) this reference creation fails. If this reference is not created then the ZDM code cannot find the workstation in the list of included as well as excluded list of workstations or containers. This then causes the isComputerRestricted method to return true since that is the default behavior. If a workstation is not found on list of included workstations or excluded workstations then access to that workstation is restricted.