DLU fails after installing 3rd Party Credential Provider

Document ID:7016778
Creation Date:18-Aug-2015
Modified Date:18-Aug-2015
- Micro Focus Products:
  ZENworks Configuration Management

Environment

Novell ZENworks Configuration Management 11.3 Authentication

Novell ZENworks Configuration Management 11.4 Authentication

Situation

After installing software that includes a credential provider, ZCM DLU may fail because Windows only permits a single primary credential provider

Resolution

Disable the Non-ZCM 3rd Party Credential Provider

Each provider on the system is specified by a subkey whose name is the provider's CLSID under HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers.

To disable the provider add a REG_DWORD value "Disabled"=1 to that provider’s CLSID subkey.

Cause

DLU is for managing local Windows Accounts and controlling the initial Windows authentication process, which necessitates that the ZCM credential provider is in control of the initial Windows logon process.

ZCM does support background ZCM authentication using a credential provider hook when 3rd party credential providers are installed, but DLU cannot logically operate after Windows has already authenticated the local user.