Environment
Novell
ZENworks 6.5 Desktop Management Support Pack 2 - ZDM6.5 SP2
ZENworks Middle Tier
Novell
ZENworks 7 Desktop Management - ZDM7 Middle Tier
Novell
ZENworks for Desktops 4.0.1 - ZfD4.0.1
Novell ZENworks Management Agent
Nsure Identity Manager 2.0
Microsoft Active Directory
Novell ZENworks Management Agent
Nsure Identity Manager 2.0
Microsoft Active Directory
Situation
User associated
applications and policies do not show in NAL or apply when you
change an expired password on boot up with clientless login in
passive authentication mode.
Resolution
For ZDM6.5
SP2: fixed in ZENworks 6.5 Desktop Management SP2 IR1 or newer
found athttps://download.novell.com
For ZDM7: Fixed in ZENworks 7 with SP1 Desktop Management, available athttps://download.novell.com
For ZDM7: Fixed in ZENworks 7 with SP1 Desktop Management, available athttps://download.novell.com
To realize
the fix, you will want to add the following registry keys to each
workstation, and set appropriate values for each:
HKLM\Software\Novell\LgnXTier\
The first
value dictates how many times to retry the passive mode login while
IDM is trying to sync the password and the second one tells how
many seconds to wait in between each retry.
Additional Information
When you are
using IDM to synchronize passwords from Active Directory to
eDirectory with the ZENworks Agent set to "passive mode" (login to
AD first) and your password expires, the ZENworks agent tries to
pass the new password to eDirectory too soon. IDM will not have had
a chance to synch the password change from AD yet. Thus you fail
authentication to eDirectory and no user associated applications or
policies will work.
Formerly known as TID# 10098092 NOVL102557
Formerly known as TID# 10098092 NOVL102557