SecureLogin in LDAP mode does not recognize password change made over NCP connection

  • 7005072
  • 21-Dec-2009
  • 26-Apr-2012

Environment

NSL6.1 installed in LDAP/ Credential Manager mode
NSL7 installed in LDAP/ Credential Manager mode
DoNTAssoc set to "1" or DoClientAssoc set to "1." (Same behavior either way)
Novell Client for Windows 4.91sp5 installed on workstation

Situation

Password changes made via "ctrl, alt, del change password" are not picked up until user again enters credentials.
Problem occurs when SecureLogin connects to eDirectory via LDAP, and the password change is initiated over an NCP connection.
New password is not passed from the Novell (NCP) Client to SecureLogin LDAP client. 
New password is not picked up by SecureLogin until manually entered by the user.
Problem occurs with SecureLogin in LDAP mode.
Problem does not occur with SecureLogin installed in eDir / Client mode (i.e. NSL client shares NCP connection with the Novell Client).
Problem does not occur if password change is initiated through SecureLogin LDAP Gina

Resolution

Working as currently designed.  Password changes initiated over an NCP connection are not communicated to an LDAP connection.

Enhancement request has been entered.

Additional Information

Steps to duplicate:
1. User boots workstation and logs into eDirectory tree trough the Novell
Client for Windows GINA.
2. SecureLogin makes an LDAP connection to the same tree behind the scenes.
SecureLogin "About" shows the primary store as LDAP-Available.
3. Run a notepad script that displays ?sysuser and ?syspassword.  These
credentials show the values entered by the user to login, as expected. 
4. Press "ctrl, alt, del change password" and change the password for the tree.
5. Run the notepad script again.  The new password is not displayed; the values
shown for ?sysuser and ?syspassword will not have changed. The expected
behavior would have been that the new password would have been typed into
notepad.
6. Hit refresh cache, manage logins, or let the cache refresh interval expire.
NLDAPAuth will prompt the user to authenticate, and will require the new
password.
7. Run the notepad script again.  This time the new password will be displayed.


Feedback service temporarily unavailable. For content questions or problems, please contact Support.