postict
New Member.
5798 views

DLU and Novell client - only binary login, no eDir

I'm trying to get Dynamic Local user (DLU) and Novell client on a Windows Xp workstation. When I install only DLU I can login fine, but of course no Novell login script or drive mapping. Therefor I also want to have the Novell client installed. However when I install the Novell client and leave the DLU-gina in place I can login to the workstation, but again no Novell login, as i only get the possibility to login in Binary mode, which is obviously no option. When logged in, I have to "manually" right click the red N and choose "login...", which is obviously not done for a day-to-day user. When I replace the DLU-Gina by the Novell client gina I do not have the DLU feature, so this is also no option.

Is there a way to get DLU and Novell client to cooperate? Where is the manual? SBE should be an out of the box easy admin product, but due to lack if proper documentation it is even more difficult than OES....

Any help is much appreciated.
Labels (1)
0 Likes
17 Replies
Marcel_Cox Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

It would help a bit if you told us what you are talking about. Typically,
DLU functionality in a Novell enviroment is provided by ZENworks Desktop
Management or ZENworks Configuration Management. However I have the
impression that you are using NOWS SBE and you are using the PGINA
solution. This is a solution only provided with NOWS-SBE and it is a
solution that is in reality targeted towards people that don't use Novell
clients. In any case, if you are using NOWS-SBE, that product is so
different from regular Novell products that you should rather post in the
NOWS-SBE forum:

http://forums.novell.com/novell-product-support-forums/open-workgroup-suite/ows-small-business-edition/

--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: http://forums.novell.com/member.php?userid=8
0 Likes
Knowledge Partner
Knowledge Partner

Re: DLU and Novell client - only binary login, no eDir

Problem is that I asked him to post here 🙂 There seems to be some info
about using the NW Client and PGIna here:

http://rulink.rutgers.edu/pgina.html



- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
postict
New Member.

Re: DLU and Novell client - only binary login, no eDir

Thanks for you reply.

As I expected, nor this forum or the NWOS SBE forum has experience with this combination of DLU & Novell client on the NOWS SBE.
As I already posted, Novell is providing the NOWS SBE admins with a solution, but has "forgotten" to properly document how to use and install on NOWS SBE (just refering to the DLU web-site is clearly not proper documentation).
I'll apparently have to open a Service request to get an answer, which is obviously not a very "healthy" way of implementing products. The info should have been provide by Novell directly in the manuals. NOWS SBE should be a product that can be used "right out of the box", but Novell has failed to achieve this (more than once)....
0 Likes
Knowledge Partner
Knowledge Partner

Re: DLU and Novell client - only binary login, no eDir

Postict,
> I'll apparently have to open a Service request to get an answer
>

Please do as that will give the issue more attention.

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
Marcel_Cox Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

One thing to try is configure passive mode login in the Novell client as
described int he client documentation here:

http://www.novell.com/documentation/noclienu/noclienu/data/b7gx7eq.html



--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: http://forums.novell.com/member.php?userid=8
0 Likes
Marcel_Cox Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

BTW the fundemental problem of NOWS-SBE is that the product is a design
error in itself. The precusror of it was NetWare SBS which consisted of a
*real* NetWare, Groupwise and ZENworks Desktop Management. The only thing
that was limited was the number of users you got. However Novell probably
thought that they were giving away too much for too little money to SBS
users and so they created a new product which no longer was identical to
the products targeted to big companies so as not to give away too much
functionality. So instead of using the full OES as bases for NOWS-SBE,
they used a subset of it, and furthermore changed it quite a lot,
especially from the management/installation point of view. Instead of
including ZENworks, Novell dicided to be cheap and include an open source
DLU implementation called pgina. This is one of the biggest mistakes as
not does pgina integrate badly with a Novell client, it has fuirthermore
been discontinued more than a year ago and will never support Vista or
Windows 7. Furthermore, by making NOWS-SBE a separate product, this
required *extra* development and dcoumentation work from Novell and given
Novell didn't want to allocate the necessary resources to do this, the
whole result is very poor. The final error was to call the product
NOWS-SBE. This makes it sound that the product is identical with NOWS, a
bundle of OEs, Groupwise and ZENworks, but it definitely isn't the same
thing.
Because NOWS-SBE is such a special beast with a relatively little user
base, forum support for it is very poor as well. The people that do most
of the forum support are from bigger companies that use full Novell
products and as such are not familiar with NOWS-SBE and can't help
NOWS-SBE users.
All in all, it would have been better for everyone if Novell using the
same strategy as for NetWare SBS. E.g. make NOWs-SBE use the standard full
Novell products and only limit the number of users. That would have been a
win for everyone:
- the customers buying the product would have gotten better value and
better service because they could benefit from exactly the same support as
other Novell customers
- Novell would save a lot of development efforts because they wouldn't
have to create a separate product just targeted at a small market (from
the money point of view)

--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: http://forums.novell.com/member.php?userid=8
0 Likes
postict
New Member.

Re: DLU and Novell client - only binary login, no eDir

Marcel,

Thanks for the link.
But reading you comments it seems I'd better not "invest" time to get DLU (pgina) to work with the Novell Client. The problem is that when not having a MS Domain all users have to be created locally on every PC and password sync will create problems. I'd probably better of configuring the NOWS SBE server as a (samba) PDC as well....

I also do fully agree with your statement.
I've been "trying to" support NOWS SBE for more than a year and are still encountering problems that shouldn't have been in a released product. It seems never to be finished. Often looks more like a beta-stage product in many ways. I had hoped that Novell was following the same strategy as the Netware SBS versions. That product was much more mature.



Marcel_Cox;1909864 wrote:
One thing to try is configure passive mode login in the Novell client as
described int he client documentation here:

Novell Doc: Novell Client 4.91 SP5 for Windows XP/2003 Installation and Administration Guide - Enabling Passive Mode Login



--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: NOVELL FORUMS - View Profile: Marcel_Cox
0 Likes
Knowledge Partner
Knowledge Partner

Re: DLU and Novell client - only binary login, no eDir

Postict,
> I've been "trying to" support NOWS SBE for more than a year and are
> still encountering problems that shouldn't have been in a released
> product.
>

I agree and I have forwarded all your comments to the Product Manager.

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

"Marcel Cox" <Marcel_Cox@no-mx.forums.novell.com> wrote:

> One thing to try is configure passive mode login in the Novell client as
> described int he client documentation here:
>
> http://www.novell.com/documentation/noclienu/noclienu/data/b7gx7eq.html


From a purely Novell Client point of view, I agree with Marcel's
recommendation that the best level of integration possible between
Novell Client for Windows XP/2003 and pGina will be using PassiveMode
in conjunction with PassiveModeNDSLogin as described in the Novell
Client documentation reference.

However, from what I can see of the pGina design, pGina will have to
be allowed to perform the Windows logon. Which means instead of the
normal "PassiveMode means Novell's NWGINA calls through to Microsoft's
MSGINA" (or even "pGina can simply chain through to Novell's NWGINA"),
instead a configuration to make NWGINA call through to pGina will have
to be established.

Meaning in addition to configuring PassiveMode and PassiveModeNDSLogin
per the Novell Client documentation referenced above, also create the
following registry configuration to direct Novell's NWGINA to chain
through to PGINA.DLL instead of MSGINA.DLL by default:

[HKEY_LOCAL_MACHINE\Software\Novell\NWGINA]
"PassiveModeGinaName"="PGINA.DLL"

As such the Windows "GinaDLL" configuration should be "NWGINA.DLL", so
that the first GINA Windows invokes is Novell's GINA. But then due to
the "PassiveMode" configuration, instead of presenting the
Novell-specific login UI or performing the Windows account logon
itself, NWGINA is going to defer to an underlying GINA for those
actions. And because of the "PassiveModeGinaName" configuration, that
underlying GINA will be pGina instead of MSGINA. Finally, upon pGina
returning from a successful Windows account logon, due to the
"PassiveModeNDSLogin" configuration the Novell NWGINA.DLL will attempt
to initiate an eDirectory login using the same username and password
that was used for the Windows account logon.

Alan Adams
Novell Client CPR Group
alan.adams@novell.com

Novell
Making IT Work As One
www.novell.com

Upgrade to OES Community
http://www.novell.com/communities/coolsolutions/upgradetooes/
0 Likes
Marcel_Cox Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

Alan Adams wrote:

>Meaning in addition to configuring PassiveMode and PassiveModeNDSLogin
>per the Novell Client documentation referenced above, also create the
>following registry configuration to direct Novell's NWGINA to chain
>through to PGINA.DLL instead of MSGINA.DLL by default:
>
>[HKEY_LOCAL_MACHINE\Software\Novell\NWGINA]
>"PassiveModeGinaName"="PGINA.DLL"
>
>As such the Windows "GinaDLL" configuration should be "NWGINA.DLL", so
>that the first GINA Windows invokes is Novell's GINA. But then due to
>the "PassiveMode" configuration, instead of presenting the
>Novell-specific login UI or performing the Windows account logon
>itself, NWGINA is going to defer to an underlying GINA for those
>actions. And because of the "PassiveModeGinaName" configuration, that
>underlying GINA will be pGina instead of MSGINA. Finally, upon pGina
>returning from a successful Windows account logon, due to the
>"PassiveModeNDSLogin" configuration the Novell NWGINA.DLL will attempt
>to initiate an eDirectory login using the same username and password
>that was used for the Windows account logon.


Great info! That should have been in the NOWS-SBE documentation. Maybe you
should at least write a TID with it.

--
Marcel Cox
http://support.novell.com/forums
------------------------------------------------------------------------
Marcel Cox's Profile: http://forums.novell.com/member.php?userid=8
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: DLU and Novell client - only binary login, no eDir

"Marcel Cox" <Marcel_Cox@no-mx.forums.novell.com> wrote:

> >[HKEY_LOCAL_MACHINE\Software\Novell\NWGINA]
> >"PassiveModeGinaName"="PGINA.DLL"

>
> Great info! That should have been in the NOWS-SBE documentation. Maybe you
> should at least write a TID with it.


I'm not able to speak for NOWS SBE on whether they intend to state or
imply that using the pGina solution in conjunction with the NCP client
is in any way recommended or supported in relation to NOWS SBE.

Also just be clear that this is all still in context of the "one thing
to try is configure passive mode login in the Novell client"
suggestion. "PassiveModeGinaName" is just one additional piece it
appeared to me would be required in order to actually test NWGINA's
PassiveMode against the pGina scenario.

Meaning I agree with the PassiveMode suggestion, but that is short of
saying pGina actually /works/ in conjunction with the Novell Client.
I'm not aware of that configuration having been tested or used for
pGina with or without NOWS SBE involvement. Novell ZENworks is the
only Dynamic Local User (DLU) scenario I'm aware of being tested with
the Novell Client for Windows.

But "PassiveModeGinaName" deserves at minimum to be added to the
documentation of optional configurations related to PassiveMode for
NWGINA.DLL, just like the PassiveModeNDSLogin is. I've contacted
documentation over adding that reference to the Novell Client doc.

Since this is still the configuration for attempting "how do I make
Novell NWGINA's PassiveMode chain down to a GINA other than MSGINA",
regardless of whether this approach works for overall success with
pGina or not (and in relation to NOWS SBE or not).

Alan Adams
Novell Client CPR Group
alan.adams@novell.com

Novell
Making IT Work As One
www.novell.com

Upgrade to OES Community
http://www.novell.com/communities/coolsolutions/upgradetooes/
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.