Unable to unlock workstation with eDir password with NSL installed in LDAP Application mode

  • 3771404
  • 06-Nov-2006
  • 26-Apr-2012


Novell SecureLogin


NSL installed in LDAP mode

NSL/ LDAP installed in Application mode (i.e. option selected to login to NSL/ LDAP when SecureLogin starts)

Secure Workstation

Secure Workstation locks workstation after period of inactivity

No Novell Client present on the workstation


Unable to unlock workstation with eDir password when NSL6 is installed in LDAP Application mode,

Windows password is required to unlock the workstation when NSL6 is installed in LDAP Application mode


This is working as designed.

Workaround: Install NSL in LDAP GINA mode. Installed in GINA mode, the option to unlock with eDir credentials will also be available. The only practical difference between the two modes is that in GINA mode the first NSL user will need to login to LDAP/ eDir when the workstation is initially booted up. After that, the two modes function exactly the same.


To lock the workstation, SecureWorkstation simply calls the Windows api 'LockWorkstation.' With this call, the passwords used to login at initial bootup will be available for unlocking the workstation. When NSL is installed Application mode, no login to NDS is made at bootup; so the only option for unlocking the workstation is with the Windows password.

Installed in GINA mode, NSL authenticates to eDirectory at the time of initial login. Thus unlocking the workstation with the eDir password is only available if SecureLogin is installed in GINA.

Tid 3009412, "Description of NSL LDAP installation options" provides additional information on the various NSL/ LDAP installation modes.