Environment
Novell SecureLogin
NSL6.x
NSL7
Installed in LDAP Credential Manager mode (Option selected to launch SecureLogin"after logging into Windows")
SecureLogin uses eDir as data store
IDM synchronizes passwords between AD and eDir
NSL6.x
NSL7
Installed in LDAP Credential Manager mode (Option selected to launch SecureLogin"after logging into Windows")
SecureLogin uses eDir as data store
IDM synchronizes passwords between AD and eDir
Situation
User is prompted for password after AD password change.
User changes Windows password with Ctrl, Alt, Del, change password
IDM driver synchronizes new Active Directory password to eDirectory.
User is prompted for (new) password when cache refresh interval expires.
User changes Windows password with Ctrl, Alt, Del, change password
IDM driver synchronizes new Active Directory password to eDirectory.
User is prompted for (new) password when cache refresh interval expires.
Resolution
This is working as designed.
SecureLogin has no mechanism for receiving an updated password through IDM. The changed eDirectory password will be picked up on the next login.
SecureLogin has no mechanism for receiving an updated password through IDM. The changed eDirectory password will be picked up on the next login.
Additional Information
Note that when the cache is refreshed SecureLogin authenticates behind the scenes to the directory (in this case eDir) with the credentials provided at login. If these credentials are no longer valid the user will be prompted to authenticate one time.