Environment
Novell GroupWise 2014
Situation
You plan to implement a GroupWise security client option not to get prompted for a GroupWise password when a user is already authenticated to eDirectory.
You made sure that all configuration steps were done properly but despite of this fact, users get still prompted for the password although they are authenticated to eDirectory.
Resolution
Here is a small recapitulation of configuration steps needed to get this option active:
1. In webadmin console -> System -> LDAP Servers you need to create new Directory that represents your eDirectory system.
2. At a desired level, i.e. at a domain, Post Office or user you configure Client Options. Here in a Security tab -> Password section you enable "Use eDirectory Authentication instead of passwords" option.
3. Now a user object must be associated with the Directory, here eDirectory which you created in step 1. If you were upgrading from GW2012, it is better to disassociate older eDirectory attributes from a GroupWise user object and then associate it with new, GW2014 definition of eDirectory.
You can perform this "update" on all users via System -> Directory Association webadmin tool. In the Directory field select your new eDirectory, bellow then specify where are your users and activate "Override existing association" option.
So up to now all seems to be configured correctly but end users can be still prompted for a GroupWise password despite a user is already authenticated to eDirectory.
In order to make new security setting available and applied, you must run (at least once) MTA eDirectory synchronization and this must succeed.
On Windows system this MTA scheduled eDirectory sync can be easier to configure than on Linux based GroupWise systems. Therefore check our online documentation for more details if you are not familiar with this configuration.