Environment
Novell GroupWise 2014 R2 Support Pack 2
Situation
GroupWise Windows client users are prompted for a password when attempting to login to their GroupWise mailbox, when all documented configuration requirements have been properly met for eDirectory Single Sign-On.
Resolution
An improper value in an eDirectory user(s) object attributes, as seen in iManager, was modified to resolve this issue.
The GroupWise users are members of an eDirectory template object created in ConsoleOne when they originally had GroupWise 8. The GroupWise users were inheriting the template user attributes.
In iManager, properties of a problem user, General tab, "Other" menu selection, under "Valued Attribute" , there was listed an attribute called "NGW: User ID", the improper value listed was "DClark".
Once all "NGW:" attributes were removed under "Valued Attributes" the problem went away and users could successfully use eDir SSO with GroupWise.
Since this eDirectory template was later deleted and a new template created in iManager, this is also a solution to the issue.
Cause
Corrupted eDirectory template object in which users inherited eDirectory user attributes.
Additional Information
Note: The value "DClark" was not the correct user id of the user authenticated to eDirectory on the Windows workstation or the GroupWise UserID.
16:36:05:000 2B4E C/S Login Windows Net Id=CN=QGTestUser OU=Metro, O=HQ ::GW Id=DClark :: 192.168.1.10
16:36:05:000 2B4E Novell client credentials reeceived:
16:36:05:000 2B4E Name = CN=QGTestUser,OU=Metro,O=HQ
16:36:05:000 2B4E Tree = ourTree
16:36:05:000 2B4E LDAP GUID = <Guid value>
16:36:05:000 2B4E System GUID = <Guid value>
16:36:05:000 2B4E Redirecting user DCLARK to 192.168.1.121:1677
-----------------------------
-----------------------------