Contextless login fails using Xtier when eDirectory server set to always refer

  • 3926158
  • 26-Feb-2008
  • 30-Apr-2012


Novell ZENworks 7 Desktop Management Support Pack 1 - ZDM7 SP1 Middle Tier


When the primary authentication domain does not contain a replica of a user partition, and the ldap group object for that server is set to always refer, authentication using xtier fails for contextless login.  For example, user fails to login butuser.users.ou.orgsucceeds.


Workaround:  Set ldap group object for the domain server to chain always rather than refer.  This is done with iManager/ldap options/ldap group/referrals settings.


Reported to Engineering

Additional Information

The rebind to the second server is using anonymous rather than the proxy user defined in the NetStorage setup.