Enable eDirectory login when 802.1x server is not available

  • 7024698
  • 23-Jun-2020
  • 24-Jun-2020


Client for Open Enterprise Server 2 SP5
802.1x authentication


After successfully establishing an 802.1x login configuration, the administrator wants users to be able to authenticate to eDirectory even when the 802.x authentication (RADIUS) server is not available. The network switches are configured to allow full access when the 802.1x server is unavailable.  In this case, the "Computer Only" (Active Directory) login works, but Client for OES throws the error:

802.1x Authentication failed.  Timeout waiting for authentication to finish.  Network Login not attempted.


To adjust the 802.1x authentication timeout, open Regedit.exe and set a DWORD named "AuthTimeout" under [HKEY_LOCAL_MACHINE\Software\Novell\NovEAP]. This defines, in seconds, the timeout used during the eDirectory login.

Another registry setting, "DisableAuthenticationFailurePrompts", if defined as a DWORD value of 0x1 under [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\Tab Settings\EAP] will suppress the all 802.1x authentication failure messages, regardless of the reason for the failure.

Additional Information

There is also an 802.1x authentication attempt in the "Computer Only Logon" case, but it has a hard-coded and shorter default timeout, independent of the eDirectory login case.  This prevents an undue delay in the "Computer Only Logon" case when Windows itself can perform a cached domain login, and doesn't require network connectivity "immediately," as in the eDirectory login case.