Duplicate LDAP calls when NSL is running in credential manager mode

  • 7005277
  • 03-Feb-2010
  • 26-Apr-2012

Environment


Novell SecureLogin

Situation

When NSL is installed in credential manager mode, an LDAP trace reveals that 2 identical LDAP transactions take place between the client machine and the LDAP server. 

Resolution

Working as designed.

After the initial Windows authentication has taken place, the credentials are passed from either the Novell Client or Windows itself to perform NSL's authentication and validation.  Once the Windows session has started, the NSL client re-binds to the directory to get the user handle.  That handle will be used to fetch the user's data from the directory and other SecureLogin operations.

This is required as NSL cannot start until the desktop opens and the user wants the NSL authentication to be complete before the desktop starts. So, the initial bind is for authentication and validation, and the second bind is for NSL's use.