Highlighted
Frequent Contributor.
Frequent Contributor.
71 views

Windows Local username password and OES password not maching

Hello,

We are running eDirectory v9.0.3[DS] for Linux. Everything is very simple and almost minimal. We do not have Identity Manager installed. The workstations are mostly Windows 7 Pro but we do have some Windows 10 Pro and even a couple of XP's running. Each one has Client for OES installed and updated. The default sequence for logging is NDS.

Our users are setup the following way:

  1. We create a local Windows user with "username" and "password"
  2. We create an eDirectory user object with the same "username" and "password" as the local user.
  3. When login we check the box "Windows Password Synchronization"
  4. Without creating passwords policies we set up each user to be allowed to change the password, the minimum length and the days before it expires.

The problem is that every now and then the local windows user password does not match the Network Password. Users put in their eDirectory credentials, Network login is successful but are then asked for the Windows password. This seems to happen without a particular pattern, at least I cannot find it. Both Windows 7 and Windows 10 machines do this. It's not even after a password change, one user had 3 days before their Network password expires and this happened. It seems as if the Windows password has changed on it's own.

Can anyone direct me to as to what may be causing it or how to proceed with troubleshooting this ?

Thanks,

Labels (3)
0 Likes
1 Reply
Highlighted
Knowledge Partner
Knowledge Partner

Re: Windows Local username password and OES password not maching

If you do NOT use Universal Password, your eDir passwords are NOT case-sensitive and hence the following might happen:

Assume "userA" with password "Novell" (uppercase "N") defined for eDir and Windows. Now one day the user occasionally types "novell" (lowercase "n"). eDir login will succeed (as it's not case-sensitive), but the user will be prompted for the Windows password. He types it in (this time the "correct" way, i.e. "Novell") and checks the "synchonize" box. Now behind the scenes his Windows password will be changed to "novell". The very next day, when logging in, he types "Novell" as he's not aware that something has changed. Again, eDir login will succeed, but as the Windows password is by now "novell" he'll get prompted for a password. Now he'll likely type in "Novell" 'til the end of days without getting any further until someone with elevated rights resets the password.

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.