Getting the Password Hint to work with Novell Client 4.91 SP2

  • 3628651
  • 15-Sep-2006
  • 26-Apr-2012

Environment

Novell Modular Authentication Service (NMAS)
Novell Client for Windows 4.91 Support Pack 2 for Windows XP/2000/2003
Universal Password
Forgotten Password Self-Service for the Novell Client

Situation

The Forgotten Password Self-Service Hint feature from the Novell Client 4.91 SP2 (and greater) is hard coded to look for and update the nsimPasswordReminder attribute. Previously to Novell Client 4.91 SP2, the Novell Client would use the nsimHint attribute.

The nsimPasswordReminder attribute was introduced with eDirectory 8.8 and NMAS 3.0. If eDirectory 8.8 (or greater) has not been installed into the tree, the schema definition for nsimPasswordReminder will not be available .

This will only effect those that selected the action for the Forgotten Password feature as "Show hint on page" option in the Universal Password Policy, Forgotten Password Action.

Resolution

For trees that have not introduced eDirectory 8.8 (or greater) yet, it is possible to install NMAS 3.X on eDirectory 8.7.3 servers. (Please see the readme for Supported Platforms for NMAS 3.1.1 under the "system requirements")

To extend the schema for the nsimPasswordReminder attribute, do the following:

1. Download and install Security Services 2.0.2 (or greater) patch, which includes NMAS 3.1.1.
2. When the Security Services Patch is installed, it will lay down the schema files, however it will not extend the schema.
3. Extend the schema with the following files: NMAS.SCH, NSPM.SCH, NSIMPM.SCH

These files are located in the following directories:

NetWare:sys:\system\schema
Use NWCONFIG | Directory Options | Extend Schema | (authenticate) F3 to specify a directory and file.

Windows:novell\nds

Linux, Solaris, AIX and HP-UX:/opt/novell/eDirectory/lib/nds-schema (relative to where eDirectory is installed)

3. After the schema has been extended, Log in to iManager | Configure | iManager Server | Configure iManager | Misc tab | check the box to Enable "[this]" | Save | Close | Select the View Objects icon | Select the tree object | Modify Trustees | Add Trustee | Choose the [This] object | Ok | Select the "Assigned Rights" link next to [this] | Select Add Property | Select the "Show all properties in schema" | Select the property "nsimPasswordReminder" | Ok | Grant "nsimPasswordReminder" the rights of "Write", "Self" and "Inherit". If [All Attributes Rights] or [Entry Rights] appear for the [This] trustee, select these and chose "Delete Property".

After extending the schema and setting the ACL for the nsimPasswordReminder attribute, the hint feature will be available for the Novell Client 4.9 SP2 clients.