Environment
Novell Client 2.1 for Windows 7
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 3 Login
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 4 Login
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 5 Login
Novell eDirectory 8.7.3.10 for Linux
Novell eDirectory 8.7.3.10 for Netware
Novell eDirectory 8.8.5x
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 3 Login
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 4 Login
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 5 Login
Novell eDirectory 8.7.3.10 for Linux
Novell eDirectory 8.7.3.10 for Netware
Novell eDirectory 8.8.5x
Situation
Workstations with persistent drive mappings to NetWare servers lock
their eDirectory user accounts when performing a workstation only
login. There are no prompts or login screens presented to the
desktop advising to use correct user ID and password. The local
Windows user or Active Directory user is not the same name as the eDirectory user object. Packet traces show multiple authentication
attempts to eDirectory with correct user ID, but null password. This
issue will take place even if the Windows user and eDirectory user have
the same password.
This issue also takes place with earlier 4.91 clients. With 4.83x using the same configuration resulted in login attempts to eDirectory with an incorrect ID. This resulted in a -601 return, and no lockout.
This issue also takes place with earlier 4.91 clients. With 4.83x using the same configuration resulted in login attempts to eDirectory with an incorrect ID. This resulted in a -601 return, and no lockout.
Resolution
This issue has been resolved with in the Novell Client for Windows 2000/XP/2003. You can find post login updates for both sp4 and sp5 in the Novell Patch Finder at located at support.novell.com. After the update has been applied, there are additional steps needed. In order to activate the new feature that halts the the undesired
login attempts, the following registry key will need to be added to
the problem workstations:
under [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Network Provider], add "AllowLoginAttemptsWithDefaultPassword" with a value of 0x00000000
This behavior is optional meaning by default, the Novell Client will attempt to automatically login to eDirectory based on the Windows user credentials. To suppress these attempts in environments where the Windows credentials are known not to work & intruder detection is an issue, you will need to distribute the registry setting to the workstations via ZENworks or any other workstation management method that can distribute the registry change. This update is only available for 4.91 sp4 and 4.91 sp5.
This issue has not been resolved for Novell Client 2.1 IR3 for Windows 7. The fix has been checked in for the IR4 release.
under [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Network Provider], add "AllowLoginAttemptsWithDefaultPassword" with a value of 0x00000000
This behavior is optional meaning by default, the Novell Client will attempt to automatically login to eDirectory based on the Windows user credentials. To suppress these attempts in environments where the Windows credentials are known not to work & intruder detection is an issue, you will need to distribute the registry setting to the workstations via ZENworks or any other workstation management method that can distribute the registry change. This update is only available for 4.91 sp4 and 4.91 sp5.
This issue has not been resolved for Novell Client 2.1 IR3 for Windows 7. The fix has been checked in for the IR4 release.