Re: ZCM 10.3.1 + Novell Client 2 SP1 (IR5) + W7 = Autologin - Micro Focus Community

theflyingcorpse · ‎2011-02-07

Hello,

I'm trying to autologin a computer with Windows 7 that has THE Novell Client 2 SP1 (IR5) installed and ZCM 10.3.1, during the deployment phase.

In NWCLIENT 4.91 SP5, I could simply dissalow the contextsearch and use the context supplied by the profile (it was overridden for deploy phase) and use the AutoAdminAllowContextlessLogin set to 0.

In Novell Client 2 SP1 (IR5), this setting doesnt work anymore.
I've tried the following scenarios:
- Set contextsearch directly in the same context as where the deploy user is, the profile to the same context, yet it fails.
- A special profile only for the deploy user(s), with the hardcoded context.

I think the issue "might" be that anonymous searches are not allowed on the context where the deploy user is, however this has not been a problem in the past since we could simply hardcode it to use it. I am able to login with the deploy user if I set it's context manually / using the special profile(without context search).

Any ideas? 🙂

theflyingcorpse · ‎2011-02-07

I ❤️ monologues!

So what I have todo instead is local admin login and do a eDir logon separately.
It feels clumsy, considering that the DLU's work properly on XP.

theflyingcorpse · ‎2011-02-07

K, that works, but it does not login the eDir user to ZCM, so its a new issue now...

dominicm · ‎2011-02-07

the dlu works well with a DLU policy for Win7. Or you could autologin the local user of windows with the "control userpasswords2" command.

If local user is autologed, the ZCM user will sync with the edir login. If no autologin, zcm can't log or it will try to log with the local user ...... but I don't understand why we can't tell zen directly to use eDir credentials...

lgrav · ‎2011-03-23

dominicm;2072649 wrote:
the dlu works well with a DLU policy for Win7. Or you could autologin the local user of windows with the "control userpasswords2" command.

If local user is autologed, the ZCM user will sync with the edir login. If no autologin, zcm can't log or it will try to log with the local user ...... but I don't understand why we can't tell zen directly to use eDir credentials...

in our zenworks 11 and win 7 64bits it doesent work, i opend a service request..
it logs the user in to windows automatic but the zenagent login popup asking for both user and password.
if i type it in it works.

dominicm · ‎2011-04-14

so is there a way to do the auto sync eDir to zcm? any news?

theflyingcorpse · ‎2011-04-15

Auto sync?

As in login new eDirectory profiles on a computer without a pre-existing local profile? Yes, use a DLU policy(Dynamic Local User).

dominicm · ‎2011-04-15

ok, so what I understand, is I have 2 choices to prevent users to enter a second login entry (the zcm login):

1- make a autologin manually on the machine for the windows login, so when a user boot, he enter his eDir credentials, and after the ZCM login is automatically sync with the eDir credentials. The Windows login is automatically authenticated before the eDir. After, the user gets his zcm applications.

2- configure a DLU policy in zcm zone, so the user will login to eDir, after the same result as the first option. The problem with DLU is that the user profile of the user will erase after some time, there is a max of 999 days in the DLU policy to allow the keeping of the existing profile. All the preferences, like the printers and some extra configs will be erased......

If I don't do either of these options, the ZCM login will try to sync with the WINDOWS LOGIN (because the win login are asked AFTER the edir box), if so, the client will have to enter a new login to log to the zcm.... not big deal

I think that Novell should add a configuration trigger feature in the agent to allow directly the sync between the Novell client and the zcm, so this way, if for some reason a autologin or a DLU doesn't work, the sync between eDir and zcm will be guaranteed...

AndersG · ‎2011-04-16

Dominicm,
> The problem with DLU is that
> the user profile of the user will erase after some time, there is a max
> of 999 days in the DLU policy to allow the keeping of the existing
> profile. All the preferences, like the printers and some extra configs
> will be erased......

I wonder if you might have misread the docs? That setting applies to
volatile users only, ie:

"Cache Volatile User for Time Period (Days)
Allows you to specify the number of days to cache the volatile user
account on the device. The default value is 5. You can specify a value
from 1 to 999 days."

Ie, in my experience, local accounts that are created as non-volatile
remain forever.

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)

Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

ZCM 10.3.1 + Novell Client 2 SP1 (IR5) + W7 = Autologin fail

Agent Deployment

ZCM10