gdrtx Absent Member.
Absent Member.
1326 views

SSPR & Client Login Extension (CLE)


I am running SSPR 3.2 connected to eDirectory (IDM 4.5). All IDM
components are running on SLES 11. We are looking to install CLE on our
Windows workstations and configure them to work with SSPR so users can
manage their network passwords through the CLE agent/SSPR instead of AD
because our AD password rules are less strict than our IDM password
rules. When we looked at the CLE documentation it looked like this was
supported but now as we are attempting to configure the agent we ran
across this line in the CLE document regarding SSPR

"NOTE:SSPR integration features are only supported in the Active
Directory environments."

Does this mean we can only use the CLE agent if we have SSPR pointed to
our AD domain and not to our eDir server?


--
gdrtx
------------------------------------------------------------------------
gdrtx's Profile: https://forums.netiq.com/member.php?userid=1660
View this thread: https://forums.netiq.com/showthread.php?t=54008

0 Likes
2 Replies
Knowledge Partner
Knowledge Partner

Re: SSPR & Client Login Extension (CLE)

I'm guessing that is a typo, or is out of context, or something, but I am
checking with NetIQ/Micro Focus now to figure out for sure.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Micro Focus Contributor
Micro Focus Contributor

Re: SSPR & Client Login Extension (CLE)

gdrtx;2402963 wrote:
I am running SSPR 3.2 connected to eDirectory (IDM 4.5). All IDM
components are running on SLES 11. We are looking to install CLE on our
Windows workstations and configure them to work with SSPR so users can
manage their network passwords through the CLE agent/SSPR instead of AD
because our AD password rules are less strict than our IDM password
rules. When we looked at the CLE documentation it looked like this was
supported but now as we are attempting to configure the agent we ran
across this line in the CLE document regarding SSPR

"NOTE:SSPR integration features are only supported in the Active
Directory environments."

Does this mean we can only use the CLE agent if we have SSPR pointed to
our AD domain and not to our eDir server?
------------------------------------------------------------------------------------------------------
IN Reply to the above query:

Does this mean we can only use the CLE agent if we have SSPR pointed to
our AD domain and not to our eDir server?

No, We could still use CLE agent and SSPR pointed to Edir which is only used to do "change Password" functionality through "Forgotten Password" flow where set of CR's are asked and upon answering those, We could go and reset the Password.

To achieve this we could use Novell client CP and upon clicking the "I have forgotten Password" link on Novell client CP, This would take us to SSPR pointed to Edir and thus facilitating "change Password" flow.

But the catch is ALL SSPR Integration features like below mentioned will not function.

->Force Enrollment
->Password Expiry Warnings
->Emergency access

For any other queries, Plz write to the below eMail.


Cheers,
Vittal | vittal.venkatesh@microfocus.com
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.