SecureLogin does not detect password change

  • 3609346
  • 08-Oct-2007
  • 26-Apr-2012

Environment

Novell eDirectory
Novell SecureLogin 3.51
Novell SecureLogin 6.0
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 2

Situation

SecureLogin does not detect password change from the Novell Client change password dialog.
SecureLogin still uses old password after a password change.

Resolution

The solution to this issue is addressed by updates to both SecureLogin and the Novell Client for Windows 2000/XP.
- Update SecureLogin to version 6.0.005 or newer. (or forSecureLogin 3.51, update to version 3.51.307).
- Update the Novell Client to version 4.91 sp4 or newer.
- It may also be neessary to register slinac.dll as the Novell Credential Manager. To do so, create a (string value) registry setting in
[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Network Provider\CredentialManagers] called

"SSOSync"="c:\\windows\\system32\\slinac.dll"

Note that the path to slinac.dll may be different from the above example, depending onWindows version (c:\windows\system32 or c:\winnt\system32). Also, the installation of the 3.51.307 update will automatically make this registry entry during the installation process. For 6.0.005 users, the registry key and value are not set by the installation routine. Future releases of 6.0 updates will include this registry key and value as part of the installation process.

Note: Older versions of SecureLogin will support password expiration but will not support password change.

Additional Information

SecureLogin has always supported password expiration. This is where the password has expired in eDirectory and the user is prompted to change the password during the login process. The Novell client interacts with eDirectory to change the password and then passes the new credential information to SecureLogin via a registered Novell client login extension. But during a forced password change SecureLogin is not notified that a password change event occurred.
Users activate the forced password change by pressing on the keyboard. The Novell client displays a window with a button labeled "Change Password". If the user clicks on the change password button, the Novell client will allow the user to change their password on any of the connected resources. Since this activity was outside of the login process, the Novell client would not call any registered login extensions. So there was no notification to the SecureLogin client that a password change had occurred. The only method of notifying SecureLogin that a password change had occurred was for customers to work around the issue by forcing users to logout and log back in to the network.
SecureLogin scripts using the syspassword runtime variable would not be updated with the users new password after a password change event had occurred. Also Citrix passthrough would still attempt to utilize the old password. Logging out and logging back in to the network would force the Novell client to call SecureLogin with the new password. The SecureLogin client would then update the syspassword runtime variable with the new password.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.