Environment
Novell Client 2 SP3 for Windows
Fingerprint reader authentication
Biometric authentication
Situation
No eDirectory connections are seen if using any third-party credential provider such as a fingerprint scanner to complete a Computer Only Logon.
Example Duplication Steps:
- From Credential provider, choose Novell Login
- Provide eDirectory Credentials
- Once you are prompted for Windows Credentials, use fingerprint scanner (or other biometric device).
- Login to workstation is successful.
- Right click Novell Red N | Novell Connections.
- List is empty.
The problem does not exist if, after you provide Novell Credentials and when you are prompted for Windows credentials, you manually provide Windows Credentials instead of using fingerprint scanner.
Resolution
Use the Novell Client's "Login with Non-Novell Credential Provider" configuration.
In the Novell Client Properties,
- Set "Novell Login" to "Off"
- Set "Login with non-Novell Credential Provider" to "On",
See TID 7004709.
Cause
Using a biometric device such as a fingerprint scanner invokes the corresponding credential provider, so that "entering a Windows username and password" isn't required for login.
When this happens, the Novell login simply stops. Then, a Windows-only logon is performed, since that's all the biometric device's credential provider knows how to do.
Additional Information
The first time you login using the "Login with Non-Novell Credential Provider" configuration, and/or if the Windows account password is not known or not in sync with eDirectory, the initial eDirectory login attempt will be interactive. But once the tree name and context have been saved during a successful login, and if the passwords are in sync, future logins would transparently login to eDirectory.
The other policy involved is "SmartCardLogonNotify" which is automatically set when enabling "Login with non-Novell Credential Provider". See TID 7008382.