Environment
Novell ZENworks Configuration Management 11.2 Authentication
Situation
Active Directory is configured as user source
Managed device has been installed or updated with ZCM agent 11.2.
Some users do not get authenticated to ZCM
Related user accounts have been moved to a different folder in the user source
CASA client logs error code -939589594 which means invalid user credentials
Managed device has been installed or updated with ZCM agent 11.2.
Some users do not get authenticated to ZCM
Related user accounts have been moved to a different folder in the user source
CASA client logs error code -939589594 which means invalid user credentials
Resolution
This is fixed in version 11.2.2 - see KB 7010757 "ZENworks Configuration Management 11.2.2 - update information and list of fixes" which can be found at https://support.microfocus.com/kb/doc.php?id=7010757
Note the fix above does not work if SAMAccountName is different than CN.
Workaround:
Remove the cached full distinguished name for the affected user account in the Windows registry
HKEY_LOCAL_MACHINE\Software\Novell\ZCM\ZENLgn\History\Cache\<Domain Name> String: <User Name>=<Full Distinguished Name of user object>
Workaround:
Remove the cached full distinguished name for the affected user account in the Windows registry
HKEY_LOCAL_MACHINE\Software\Novell\ZCM\ZENLgn\History\Cache\<Domain Name> String: <User Name>=<Full Distinguished Name of user object>
Cause
The ZCM agent caches the full distinguished name of logged-in user
since ZCM 11.2 so that subsequent logins do not need to search the
respective domain for the folder of these user objects,
accelerating ZCM login with Active Directory-based user source. But
after a user object got moved to another folder, the cache does not
get cleared causing ZCM authentication to fail.