Enhanced Security with Internet Explorer causes SecureLogin (SSO) to fail

Document ID:7005191
Creation Date:20-Jan-2010
Modified Date:07-Jun-2019
- Micro Focus Products:
  SecureLogin

Environment

Novell SecureLogin
NSL7
Internet Explorer
IE8 or IE7

Situation

Single sign on fails in IE8 or IE7 with Internet Explorer Enhanced Security configured
NSL 7 will not populate web page logins with IESSOObj Class disabled as an IE add-on (under "Tools," manage Add-ons)
NSL 7 will not populate web page logins if third party broswer extensions are disabled in Internet Explorer (under Tools, Internet Options, Advanced, Browsing)
How to configure NSL to interact with web pages not native to Internet Explorer (Groupwise embedded web-pages, etc)

Resolution

Solution #1. Disable enhanced security.

Solution #2. Use the following steps to change SecureLogin from using the Browser Helper Object (BHO) to binding to the Internet Explorer process itself.

1. Unregister IESSO
          regsvr32.exe /u iesso.dll
2. Change NSL's configuration to not use the BHO
          Open Regedit
          Browse to: HKLM\Software\Protocom\SecureLogin
          Create a new: DWORD:IESSOBHO        Value = 0
3. Register IESSO
          regsvr32.exe iesso.dll
4. Restart NSL

Additional Information

This registry key does not work with NSL7, but does work correctly with NSL7sp1.  It also works with NSL6.x.  

'Internet Explorer Enhanced Security Configuration' can be selected for install in Add Remove Programs/Add Remove Windows Components

Steps to duplicate:

1. In IE8, Tools, "Manage add-ons" disable the IESSOObj Class add on 
2. In IE8 Tools, Internet Options, Advanced, Browsing disable third party extensions
3. Set IESSOBHO to 0 in  HKLM\SOFTWARE\Protocom\SecureLogin\  
4. Reboot. 
5. Launch IE.  Novell SecureLogin v 7 will not populate any pages for which a script exists, but NSL6.x and NSL7.0sp1 will.