SecureLogin in LDAP mode prompts for password after AD password change

  • 7004598
  • 05-Oct-2009
  • 26-Apr-2012

Environment

Novell SecureLogin
NSL6.x
NSL7
Installed in LDAP Credential Manager mode (option selected to launch SecureLogin "after logging into Windows")
SecureLogin uses eDir as data store
IDM synchronizes passwords between AD and eDir

Situation

User is prompted for password after AD password change.
User changes the Windows password with Ctrl+Alt+Del, Change Password.
The IDM driver synchronizes the new Active Directory password to eDirectory.
User is prompted for (new) password when cache refresh interval expires.


Resolution

This is working as designed.  

SecureLogin has no mechanism for receiving an updated password through IDM.  The changed eDirectory password will be picked up on the next login.

Additional Information

Note that when the cache is refreshed, SecureLogin authenticates behind the scenes to the directory (in this case eDir) with the credentials provided at login. If these credentials are no longer valid, the user will be prompted to authenticate one time.