AppNote: Novell Client 4.9 SP2 : Initialization, Login and Settings
Novell Cool Solutions: AppNote
By Earle Wells
Reader Rating 
from 96 ratings
|
Digg This -
Slashdot This
Updated: 13 Apr 2006 |
This article describes the operation of the Novell Client, from boot-up of the machine, through the user login. It discusses how the Client uses defined protocols to locate resources and authenticate a user. It also contains a comprehensive listing of the various settings available to control the behavior of the Client.
Contents:
- The Novell Client Initialization and Login Process
- Machine Boot -- The First Steps
- Tree, Server and Context Settings in the Novell Client
- What Happens Next
- Novell Client Settings
- Client Tab
- Location Profiles Tab
- Advanced Login Tab
- Service Location Tab
- Advanced Settings Tab
- Advanced Menu Settings Tab
- Default Capture Tab
- Protocol Preferences Tab
- LDAP Contextless Login Tab
- Single Sign-on Tab
- DHCP Settings Tab
- DSCAT Contextless Login Tab
- Update Agent Tab
- Keys not settable via Client Properties
Previously Undocumented Settings Added April 13, 2006 
The Novell Client Initialization and Login Process
This descriptive analysis assumes the following general configuration:
- Novell Client 4.9 SP2
- Default (Typical) Installation
- LDAP Contextless Login enabled
- Enable LDAP Contextless Login checked
- Tree and Server names supplied
- Protocol: IP
- Name Service Providers enabled
- NDS
- Host File
- DNS
- SLP
Machine Boot -- The First Steps
Unless a static IP address has been configured for the workstation, the first Novell Client-related event that happens when the workstation starts is a DHCP (Dynamic Host Configuration Protocol) broadcast request sent by the TCP/IP stack (not the Novell Client), in order to obtain an IP address. The reply from the DHCP server includes the following items:
- Assigned IP Address
- Server IP address
- Subnet mask
- Gateway address
- DNS address(es)
Now that the workstation has an IP address, it next sends an ARP (Address Resolution Protocol) packet. ARP is used to find the hardware address of a known IP address. In order to communicate with any other device on the network, you MUST know the Media Access Control (MAC) (also known as Data Link Control (DLC)) address of the target device. In this case, the workstation sends an ARP simply to determine if anyone else on the network has the address it has just been assigned. Hopefully, no one else does. If another workstation has the same address, the address conflict will need to be resolved before continuing.
Once the workstation has verified that it has a unique IP address, it is ready to begin learning about other resources available on the network. First, the workstation sends a DHCP Inform packet. This is sent as a broadcast, to inform every other device of the workstations MAC address. This broadcast occurs regardless of how the workstation received its IP address.
Another DHCP request is broadcast, asking for information available from the DHCP server. A key component of the Client's DHCP request is information concerning Service Location Protocol (SLP) settings. For more information about configuring SLP in the NetWare environment, see TID 10062474, "SLP Design and Implementation Guidelines."
The DHCP options that can be used to issue SLP configuration information are:
- 63 - (12, 13, 14) - CMD settings
- 78 - Directory Agent List. Valid entries are DNS names or IP addresses.
- 79 - SLP Scope. If this is not set, it will assume the UNSCOPED scope.
Other key Novell Client DHCP options are:
- 85 - Preferred Server
- 86 - Preferred Tree
- 87 - Name Context
With the typical configuration, the Client requests the following DHCP options:
- 78 - Directory Agent List
- 79 - SLP Scope
- 85 - Preferred Server
A DHCP server will then reply, providing information about these services.
At this time, the Client will issue an Internet Group Management Protocol (IGMP) report. SLP uses IGMP to join a multicast group. This is done with a multicast packet (sent to multicast address 224.0.1.22), with notifies its neighbors, "I am willing to accept multicast packets."
At this point, the Novell Login GUI is displayed on the workstation's monitor.
Tree, Server and Context Settings in the Novell Client
The Novell GUI is one of three locations where the user can specify Server, Tree and Context settings. These include:
- The Login GUI
- The Client tab on the Novell Client Configuration panel
- Within a location profile on the Location Profile tab on the Novell Client Configuration panel
1. The Login GUI
When the Advanced button is selected, the Login GUI provides fields for the Server, Tree, and Context. The information needed to authenticate must be supplied, or the login will fail. For example, if a username and password is specified without providing a tree or server, an error will be returned and the login will not be successful. Or, if a tree is specified without the user's context (and the user object does not exist in the partition root), the login will fail. Specifying either the tree or the server, along with the context, will allow for a successful login.
The Tree and Server fields can be populated in various ways. The obvious method of manually typing in accurate values will result in a successful login. However, these field can be completed using other methods including (without considering other products interfacing with the Client) location profiles, DHCP, and LDAP Contextless Login.
Location Profiles
When a location profile is selected, the values in the Server, Tree, and Context fields are automatically used to populate the Login GUI. The default location profile is most commonly used, but additional profiles can be defined, and, when the Location List option is set on, the additional profiles can be selected from the Login GUI. If the Server, Tree, and Context values are subsequently manually changed in the Login GUI, they will be saved in the current location profile, overwriting the existing values. Location profiles are stored in
HKLM\Software\Novell\Location Profiles
This behavior is controlled by a configuration setting . Each location profile has a "Save Profile after successful login" option.
DHCP
The Client can query DHCP to populate the Server, Tree, and Context fields. This requires a DHCP server properly configured to deliver DHCP options 85, 86, and 87, which correspond to the Server, Tree, and Context fields, respectively. These options are set on the Client on the DHCP Settings tab on the Novell Client Configuration panel. This tab also allows you to set the Login Service to which you want these values applied. Note that DHCP-delivered values first populate the location profile which, in turn, populates the Login GUI. The values are then saved for the location profile, assuming that the "Save profile after successful logon" option is set on in the location profile.
LDAP Contextless Login
When this option is properly configured, the LDAP Contextless Login extension will populate the values for the User, Tree, and Context fields. If the LDAP lookup is successful, and only one matching entry is found for the specified user, the fields are automatically populated, and the user need only present his/her password in order to login. If multiple matching entries are found, a popup box is presented with the choices, from which the user can select the appropriate entry. As with the DHCP option, the values are saved in the location profile, assuming that the "Save profile after successful logon" option is set on in the location profile. For more information about LDAP Contextless Login, see Taking Things Out of Context: Using LDAP Contextless Login in Your Network, in the September 2003 issue of Novell AppNotes. See http://developer.novell.com/research/ebooks/September2003.pdf.
2. The Client tab on the Novell Client Configuration panel
This pane provides fields for the Preferred Server and Preferred Tree settings. While the interface for the 95/98 and NT/2K/XP clients is the same, the functionality of these fields is different between these clients. For the NT/W2K/XP client, these fields are used only to populate the choices in the drop-down list on the Login GUI. That is, if values are stored in the Preferred Server or Preferred Tree fields, they will do nothing except provide that value as a choice when, on the Login GUI, the user clicks the down arrow on the Tree or Server fields (visible when the Advanced button is selected). These values are stored in
HKLM\System\Current Control Set\Services\NetwareWorkstation\Parameters].
3. Within a location profile
As described above, values can be stored in location profiles defined on the Location Profile tab on the Novell Client Configuration panel. The default profile is commonly used. If configured, these values will automatically populate the corresponding fields in the Login GUI.
What Happens Next
Assuming that the Server and Tree fields are both completed, the Client will attempt to locate first, the Server, then, if that is unsuccessful, the Tree, using the name providers selected in the Protocol Preferences tab on the Novell Client Configuration panel. If only the Server or Tree field is provided, the Client uses that information to attempt to make a connection to the resource.
The Client forms requests to locate services based on the information provided. For example, if the Server field contains a DNS name of the server (such as "SERVER1", defined in the DNS server as representing FQDN "SERVER1.NOVELL.COM"), the Client will attempt to first identify the corresponding IP address, then ARP for the MAC address corresponding to that IP address, in order to make a connection with that resource. If, on the other hand, an IP address is provided in the Server field, the Client simply ARPs to get the server's MAC address, and then goes on to establish the connection.
The Client will begin communicating with a Directory Agent (DA). It learned the IP address of the DA from the DHCP server, in response to the Option 78 request. (Or, if DHCP is not configured to provide the answer, another method will be utilized, including a statically configured address, or through a multicast request.) The Client issues an SLP Service Request as a unicast to the DA (or DAs, if multiple entries were returned from the DHCP server). The DA responds with information about itself, including language, encoding, URL, and a scope list.
Earlier in the process, the DHCP server provided the workstation with the address of the DNS server.
The Client is now ready to begin discovering the resources needed to authenticate and login to the network. To do this, it will use the Name Service Providers which have been enabled. In the typical installation, these include NDS, Host File, DNS, and SLP.
These Name Service Providers are associated with the "Preferred Network Protocol" on the "Protocol Preferences" tab of the Novell Client Properties page. The Client will cost the Name Service Providers (also referred to as "Protocol Component Settings") according to the Preferred Network Protocol setting specified. For example, if "IP" is the preferred network protocol, the Name Service Providers enabled for IPX will be costed higher than those for IP. This functionality has been improved in the 4.9 version of the Client over what was available in the 4.83 version.
Unlike the 95/98 client, the 4.9 SP2 Client does not list the protocol component settings in any order, and there is no default order. Also, the 4.9 SP2 Client is designed to query all name providers at the same time, potentially improving performance over the 95/98 client, which did these operations serially.
So, in no particular order, and at about the same time, the workstation now sends requests to the DNS server, and SLP, requesting the tree name defined in the currently used location profile.
The Client never makes network requests for any Host File information since this file is local to the workstation. The "Host file" name resolution method uses the "HostFile" value under [HKLM\SYSTEM\CurrentControlSet\Services\NWHOST\Parameters]] to define which file will be used. The default/only value ever asserted here is the %SystemRoot%\System32\drivers\etc\hosts file, which is the same file most Windows TCP/IP services will also be using.
NDS will not be used as a name resolver at this point, since there is no known NDS resource available. Later, after the user is autenticated and NDS is available, it will be used for name resolution.
The Client will utilize the information obtained from the first Name Service Provider to respond with valid information. For example, if the Client were to request information to locate a resource via DNS and DNS fails to locate the object, the Client would look to another of the configured name service providers to locate the desired resource.
Referring to DNS specifically, if DNS cannot locate a name, it will strip off the topmost domain name and retry the request. For example, after failing to locate "my_tree.provo.novell.com", it would try "my_tree.novell.com". If this is unsuccessful, no further attempts would be made.
The Client makes these requests to several name providers at once. All Name Service Providers will return the same information, so it doesn't matter if multiple responses are returned from different name providers. The Client will use the first one received and ignore the other responses. There is no mechanism to cancel pending requests.
For example, an SLP request will be made in a UDP packet sent to the DA on port 427. The Client will be looking for the service
ndap.novell//(svcname-ws==<tree_name>.)(svcname-ws==*.<tree_name>.))/
Where ndap = Novell Directory Access Protocol
Another SLP request may be made for
bindery.novell//(svcname-ws==<tree_name)/
The DA will reply with
url: service.ndap.novell:///<tree_name>
Next, the Client will make another request to the first DA which responded, this time asking for the IP address of the replica server. This attribute request will be in the form
svcaddr-ws for service:ndap.novell:///<tree_name>
The DA will then reply with the IP addresss of the replica server.
As was mentioned earlier, the workstation needs the MAC address of the server in order to communicate with it. To get the address, it sends an ARP broadcast packet.
The DA may return information about multiple replica servers (multiple entries can be returned in a single packet). Because of this possibility, the Client needs to find which replica server is "closest" in order to find the most effective communication path. To do this, it costs the routes using the Internet Control Message Protocol (ICMP) protocol. These "IP Costing" packets can be distinguished by the string "Novell Net Service Route Request" contained in the packet data. If IP Costing is not enabled the Client simply uses the first address returned by the DA (or the first IP address on the list if the DA returns more than one in a response). For more information about IP Costing, See the entry for "IP Address Costing" in the Appendix of this document. See also TID 10053626.
Now, with the MAC address of the "nearest" replica server, the Client workstation is ready to establish an NCP connection with that server. First, a TCP connection must be established. This is accomplished with the "three way handshake" (SYN-SYN-ACK). As part of this handshake, the Client makes a request to communicate with the server on a certain port number (524). Since the server is listening on this port, a response is sent back to the requesting Client.
Common ports used by Novell software are documented in TID 10071836.
To create the NCP service connection, the Client issues an NCP Connection Request (0x1111). The server responds, issuing a connection number for the Client workstation to use during that session.
The workstation then requests and receives information from the server, about the server. The include items such as:
- Maximum Packet Size
- File Server Name
- File Server Version
- File Server features offered
- NCP Service Network Addresses
Next, the Client needs to be able to query the server. To accomplish this, the Client workstation sends a "Ping for NDS NCP" request. NDS on the server responds with the tree name, the NDS version, and the distance from the root most entry on that server.
Presented with the Novell Login GUI, the user enters the username (if not already defined in the location profile) and presses <TAB> (or clicks the mouse) to move to the "password" field. This action triggers the Lightweight Directory Access Protocol (LDAP) Contextless Login sequence. This sequence consists of the following steps:
- Using DNS, locate the LDAP server configured in the Novell Client Properties.
- Create a TCP connection with the LDAP server.
- Obtain the needed LDAP information, using the following steps:
- Bind
- Search for treename
- Search for username
- Unbind
- Tear down the TCP connection to the LDAP server.
By default, the LDAP Contextless Login feature included in the 4.9 and higher client will search the entire tree for matching usernames and return ALL user names. This is desirable for many scenarios. However, a registry setting, "Search all scopes", documented in the Novell Client Settings section of this document (also TID 10093044), enables a feature that limits the LDAP Contextless Login search to a context or a context and its Subtree. The ability to narrow the search scope benefits organizations that span WAN links or large tree designs. Additionally, multiple scopes can be configured for one client. The default behavior in a multi-scope LDAP Contextless Login configuration is to search all scopes and return all matching usernames. Some environments will find that continuing to search for usernames in all scopes even after a match has been found to be inhibitive due to slow WAN links and large trees.
The option entitled "Enable LDAP Context Search Scope (previously referred to as "Context Pruning") allows you to limit the search scope to a specific context or to a specific context and subtree.
The Client now uses NDS to authenticate the user. During this process, the Client makes a number of NDS requests to get information about the user object. Part of this process involves the NDS public and private keys.
Public key encryption uses two keys, one to encrypt and the other to decrypt. The network entity that will receive messages (in this case, the server) generates a key pair and distributes the public key. Services that send encrypted messages must do so with the public key, and the holder of the private key can then decrypt the messages.
With the public key, it is possible to encrypt messages to a client that possesses the matching private key, and only the private key can decrypt the messages encrypted with the public key. Since only one person has the private key, only one person can decrypt your messages.
Conversely, a sender can encrypt data using the private key. The recipients of this message use the public key to decrypt the message. If the decryption is successful, the recipient can be sure that the message was encrypted with the corresponding private key. In this case many people can decrypt the message, but only the holder of the private key could have generated the message.
The exchange follows this pattern:
Begin Login (This process establishes a login session.)
- Client sends request to login to NDS and passes the users NDS EID (Entry ID, a unique identifier assigned to each object in NDS) in the request.
- The server reads its private key from NDS and then encrypts the login data. This data is sent back to the client making the request for login.
- The client then resolves the server object from NDS to acquire the servers NDS EID. After the server returns the servers NDS EID the client makes another request to read the public key attribute for the NDS EID of the server.
- The client takes the supplied Public Key and decrypts the login data that was sent by the server in response to the login request.
Finish Login (This process validates the user's credentials.)
- The client makes a request to the server to finish login. Within the request is the user credentials and login data. All of this information is encrypted via the server's public key.
- The server reads its private key from NDS and then decrypts the client credentials and login data. If successful then NDS will then reply with validated login information. This data is encrypted with the user's private key. If the user credentials do not match what is stored in NDS then the login session will be terminated and an error returned.
- The client must now resolve the user object to retrieve the NDS EID for the user object. The client will then use the NDS EID supplied to request to read the public key attribute of the user object. This is due to the fact that the last server message was encrypted with the user's private key. This process ensures that not only the proper username and password combination was passed but also that the key pairs match. It could be possible for two different users to have the same username and password at different levels of the tree.
- The NDS server returns the users public key. The client takes this public key and decrypts the finish login request encrypted data.
Begin Authentication (This process establishes an authentication session.)
- The client now needs to get the servers public key attribute again so that it can pass more encrypted data back to the server. The data passed is generated from the login data received during the login process. The keys are not cached beyond the current key so since we had read the users public key prior to needing the servers public key we will need to make this request again. The reason we do not cache keys pairs are because there is no guarantee that they will not change in NDS since it is loosely consistent.
- The NDS server sends back the servers public key attribute.
- The client encrypts its begin authentication data with the servers public key and then sends it to the NDS server.
- The server reads the private key attribute of the server object and then decrypts the authentication data supplied by the client. If successful the server will again encrypt authentication data with the server's private key and then send it back to the workstation. If this process fails then the authentication process is terminated and an error is returned.
Finish Authentication (This process validates that NDS can acquire an NLS (Novell Licensing Services) license and authenticate the user to the tree.)
- The client takes the authentication data and encrypts it with the server's public key.
- At this point the server reads from NDS the private key attribute of the server object in NDS and decrypts the finish authentication data. NDS will then attempt to establish a session with NLS and acquire a license in the tree. If no license is available or NLS fails then the authentication will fail and an error returned to the client. This is typically the 0x8901 error. If the license can be acquired the NDS database will return a success.
- At this point the client has logged in to NDS and authenticated. Now we are ready to establish a licensed connection to the NCP server. We already have a connection to the NDS server so we just issue an NCP request to change connection state from temporary to licensed.
It is important to note that the actual password is never sent across the wire, nor stored in eDirectory. The private key in eDirectory is a hash that was generated by the password. The password is a seed for the hash. When a user types in their credentials at the client, the password is used along with the public key to create the encrypted message. The encrypted message is sent to the server. The server does not care what the message is, just that it can decrypt it using the private key that is stored on the user object (which is a hash that was originally created using the same password) and the public key. If the decryption is successful, NDS assumes that the correct password was used to encrypt the message.
After the successful exchange of encryption data, the Client requests that the server change the user's connection state from "temporary" to "logged in." Finally, the Client uses NDS to read other User attributes such as full name, login script, etc. The login script is executed, which completes the login process.
Earlier in this document, we discussed how the Name Service Providers are used to locate resources. After successfully authenticating, the NDS Name Service Provider is routinely used to locate services. For example, when mapping a drive to a server to which no connection has been established, the Client will use NDS along with other Name Service Providers to resolve the name.
Below are diagrams which provide a high-level overview of the login process within the Novell Client.
| The three main components involved in the login process are NWGINA.DLL, LGNWNT32.DLL, and LOGINW32.EXE. While the interaction between these components is very complex, a simple way to understand their major functions is as follows: NWGINA.DLL -- interfaces with the Microsoft operating system LGNWNT32.DLL -- interfaces with NetWare LOGINW32.EXE -- interfaces with the user USERINIT.EXE is a Microsoft component that plays a key role in starting the other modules, and in ultimately launching the Windows desktop. This diagram on the right deals with configuring the location profiles. |
NWTRAY.EXE is the red "N" seen in the system tray. When the "Novell Client Properties" item is selected, NWSETUP.DLL is used. LOGINW32.EXE provides the user interface for using the profile. |
For additional details about how the Novell Client operates during a user login, see TID 10096674.
Section 2: Novell Client Settings
This section documents many of the settable parameters which control the behavior of the Novell Client. It is organized under the following sections, corresponding to the tabs on the Novell Client Configuration page.
Client Tab
Location Profiles Tab
Advanced Login Tab
Service Location Tab
Advanced Settings Tab
Advanced Menu Settings Tab
Default Capture Tab
Protocol Preferences Tab
LDAP Contextless Login Tab
Single Sign-on Tab
DHCP Settings Tab
DSCAT Contextless Login Tab
Update Agent Tab
Keys not settable via Client Properties
Each setting is presented in the following format:
| Setting Name: | Typically, the name as presented in the Novell Client Properties pages. |
| Logical Value Type: | The logical type of the setting (Number, ON/OFF, etc.). |
| Range From: | The lowest value allowable for this setting. |
| Range To: | The highest value allowable for this setting. |
| Default Value: | The default value used by the Novell Client when newly installed. |
| Registry Key: | The location in the registry where this setting is stored. |
| Registry Value Name: | The exact name as entered in the registry. |
| Default Registry Data: | The data stored in the registry when the Novell Client is newly installed. |
| Registry Value Data Type: | The data type for this setting (DWORD, REG_MULTI_SZ, etc.) |
| Help/Comment: | Help text available in the Novell Client Property pages, and additional information which may be helpful in understanding the purpose and operation of the setting. |
Client Tab
| Setting Name: | First Network Drive* |
| Logical Value Type: | Number |
| Range From: | 0x00000001 |
| Range To: | 0x0000001a |
| Default Value: | 0x00000006 |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Parameters] |
| Registry Value Name: | First Network Drive |
| Default Registry Data: | 0x00000006 |
| Registry Value Data Type: | DWORD |
| Help/Comment: | This parameter sets the first network drive to the drive letter of choice when you connect to a NetWare server. The first network drive applies to any user logging in to the network using the workstation where it is set. |
| Setting Name: | Preferred Server |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ NetWareWorkstation\Parameters] |
| Registry Value Name: | Preferred Server |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | The help text is wrong. This setting does nothing in the 4.9 client except to populate an entry in the server dropdown list of the Novell Login GUI. |
| Setting Name: | Preferred Tree |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ NetWareWorkstation\Parameters] |
| Registry Value Name: | Preferred Tree |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | The help text is wrong. This setting does nothing in the 4.9 client except to populate an entry in the tree dropdown list of the Novell Login GUI. For ZEN4 and above, the tree is used for workstation manager if the import process uses user information to create the object. If user information is not required to create the workstation object, then this is not used. |
| Setting Name: | Product name |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NetWareWorkstation\ CurrentVersion] |
| Registry Value Name: | ProductName |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Version |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NetWareWorkstation\ CurrentVersion] |
| Registry Value Name: | MajorVersion + MinorVersion + Service Pack + BuildNumber |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | ACU version |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NetWareWorkstation\ CurrentVersion] |
| Registry Value Name: | MajorInternalVersion + MinorInternalVersion |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Support Pack Files (button) |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NetWareWorkstation\ CurrentVersion] |
| Registry Value Name: | Service Pack Files + Services Pack Files 2 + Service Pack Files 3, etc. |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Tree-name context pairs |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ NetWareWorkstation\Parameters\Trees] |
| Registry Value Name: | Key N/A |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Specifies the location of each User object in the eDirectory tree for NetWare 4 and later users using NDS. It does not apply if you are logging in to a NetWare 3 server or a NetWare 4 server using bindery services. The name context applies to any user logging in to a specified tree using this workstation. Because it is possible to log in to multiple trees, each tree has its own designated name context. You can change the tree and the name context when you log in. However, a user can have only one name context in any one tree. Value is treename, valuedata is context. |
Location Profiles Tab (registry locations refer to the default profile)
| Setting Name: | Save Profile after successful login |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default] |
| Registry Value Name: | Save On Exit |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | If this box is checked, then the profile will be changed to reflect the last set of information used to log in. This includes all the information on the Novell Login tabs such as context, tree, and script settings. |
| Setting Name: | Credentials |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | "Credentials" |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Inactive tabs do not take up a space. |
| Setting Name: | Credentials - username |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default] |
| Registry Value Name: | UserName |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Password Enable |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default] |
| Registry Value Name: | Password Enable |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether or not the password field appears in the login GUI. |
| Setting Name: | NDS Active Authenticator |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | "NDS" |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab1] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Used by NDS and Bindery tabs.Set to "NDS" or "Bindery." NDS OR Bindery can be active, not both. |
| Setting Name: | NDS Tree |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab1] |
| Registry Value Name: | Tree |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | No default, but set during installation? |
| Setting Name: | NDS Context |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab1] |
| Registry Value Name: | Context |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | NDS Server |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab1] |
| Registry Value Name: | Server |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Used by NDS and Bindery tabs. |
| Setting Name: | Clear Current Connections |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | 1 |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab1] |
| Registry Value Name: | Clear Connections |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | Script Enable Tab |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | "Script" |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Shows the information displayed on the Script Tab of the login panel. |
| Setting Name: | Script Run Scripts |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Login Script |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | What does "default login script" indicate? |
| Setting Name: | Script Display Results Window |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Display Results |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | Script Close Automatically |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Close Results |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | Script Login Script |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Script File |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Script Profile Script |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Profile Script |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Login Script History |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ History\Scripts] |
| Registry Value Name: | 1, 2, etc. |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Profile Script History |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ History\Profiles] |
| Registry Value Name: | 1, 2, etc. |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Variable2 |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Variable2 |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Variable3 |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Variable3 |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Variable4 |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Variable4 |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Variable5 |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab2] |
| Registry Value Name: | Variable5 |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Windows Tab |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | NT Credentials |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab3] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Windows Local Username |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab3] |
| Registry Value Name: | DefaultUserName |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | no default as such, may be Administrator. |
| Setting Name: | Windows Domain |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab3] |
| Registry Value Name: | DefaultDomainName |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Dial-up Enable Tab |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | Dialup |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab4] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Shows the information shown on the Dial-Up Networking (DUN) tab of the login panel. |
| Setting Name: | Dial-up Login using DUN |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab4] |
| Registry Value Name: | Enable RAS |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | Dial-up Phonebook entry to dial |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab4] |
| Registry Value Name: | Dialup Entry |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | Dial-up Dialing from |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab4] |
| Registry Value Name: | Dialup From |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
| Setting Name: | NMAS Enable Tab |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | NMAS |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab5] |
| Registry Value Name: | Tab |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Shows the information shown on the NMAS tab of the login panel. |
| Setting Name: | NMAS Sequence (drop down list) |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Nmas\1.0\ Requested\Methods] |
| Registry Value Name: | 0,1,etc |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Valuedata is name of method. You should enter your NMAS Methods in the first box, the name should be numeric, starting at Zero, and the value is the name of the method e.g. 0 NDS 1 Simple Password The NMAS Sequence should contain the name of the method to appear by default in the NMAS method box. The Same applies for Clearances. If you go back to check the list of values, you will find that Selected Method/Selected Clearance is shown in the list, and can be safely removed, as it will be added back automatically. |
| Setting Name: | NMAS Sequence |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Nmas\1.0\ Requested\Methods] |
| Registry Value Name: | Selected Method |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Name of selected method -- must be in drop down list. |
| Setting Name: | NMAS Clearance (drop down list) |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Nmas\1.0\ Requested\Clearance] |
| Registry Value Name: | 0,1,etc |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Valuedata is name of clearance. |
| Setting Name: | NMAS Clearance |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Nmas\1.0\ Requested\Clearance] |
| Registry Value Name: | Selected Clearance |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Name of selected clearance -- may not be in drop down list. |
| Setting Name: | NMAS Display clearance field |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\ Default\Tab5] |
| Registry Value Name: | display clearance |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | NMAS Log NMAS Client Activity |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NMAS\1.0] |
| Registry Value Name: | log enable |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: |
| Setting Name: | NMAS Log NMAS Client Activity logfile (button) |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NMAS\1.0] |
| Registry Value Name: | log file |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: |
Advanced Login Tab
| Setting Name: | Advanced Button |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Advanced |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Advanced button on the Login dialog is enabled. This button leads to various tabs that help you to specify advanced login parameters. |
| Setting Name: | Allow Dots in NetWare Username |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Dots In Name |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | If this setting is on, any periods entered in the NetWare username will be treated as part of the name, rather than as context delimiters. The user will not be able to enter the context as part of the username, but will have to enter it separately. This makes it possible for the user to login with a username such as 'John.Smith' to both NetWare and Windows. |
| Setting Name: | Bitmap Filename |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | NWELCOME.BMP |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA\Welcome Screen] |
| Registry Value Name: | Bitmap |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Specifies the bitmap that appears on the Windows NT/2000/XP welcome screen. You can specify any bitmap located in the Windows NT/2000/XP directory. You can also leave the field blank if you don't want to use a bitmap. |
| Setting Name: | Caption |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | Begin Login |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA\Welcome Screen] |
| Registry Value Name: | Header Message |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Use this option to specify the text that appears in the Windows NT/2000/XP welcome screen title. |
| Setting Name: | Clear Connections |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Clear Connections |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Clear Connections checkbox appears on the Login dialog. The checkbox allows you to clear all previous connections when you create a new connection to the network. |
| Setting Name: | Context Box |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\TAB SETTINGS\NDS] |
| Registry Value Name: | DisableContext |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Checkbox on screen is "on", when disable is "off" Specifies whether the Context is displayed on the Login dialog. |
| Setting Name: | Context Browse Button |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\TAB SETTINGS\NDS] |
| Registry Value Name: | DisableContextBrowse |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Checkbox on screen is "on", when disable is "off" Specifies whether the Context Browse button is displayed on the Login dialog. |
| Setting Name: | Copy NetWare Username to Windows |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\TAB SETTINGS\NT Credentials] |
| Registry Value Name: | Sync NDS Username |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | If this setting is on, whatever is entered in the primary (NetWare) Username field is copied into the Windows Username field, regardless of what might already be there. This setting has no effect when logging in Workstation Only, nor does it have any effect when doing a secondary login (from the Red N). Note that if the Windows Username is blank, this happens without this setting, but once the value has been set by a successful login, it will persist with that value, unless the location profile mandates that the name be blank. This setting makes it possible for an administrator to set up duplicate usernames in both NDS and Windows and the user can then log into both with a single entry. This setting provides support for UPN syntax and using dots in NDS usernames. See TID 10083253 |
| Setting Name: | Default Policy Support |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA\Policy Support] |
| Registry Value Name: | Check Default |
| Default Registry Data: | 0x00000000 |
| Registry Value Data Type: | DWORD |
| Help/Comment: | After the user logs in to the network with NetWare Login, the authentication server's \sys\public\winnt directory is searched for ntconfig.pol file. If the file is found, the policy is applied to the user and workstation. |
| Setting Name: | Force Logoff Button |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\nwgina\Login Screen] |
| Registry Value Name: | ForceLogoff |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Value is treename, valuedata is context Specifies whether the Force Logoff button is displayed on the Login dialog when the workstation is locked. Force Logoff allows you to terminate the previously logged in user's Novell Client session even if he locked the workstation. Warning: Any unsaved work that the previous user had open will be lost. To maintain open applications and current network connections, log in using the previously logged in username and password. |
| Setting Name: | Initial Novell Login |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON (0) |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\nwgina] |
| Registry Value Name: | PassiveMode |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | To disable the initial Novell login window, when the workstation is started, uncheck this box. |
| Setting Name: | Location List |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Location |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Location list on the Login dialog is enabled. The list shows recent places where the user has logged in. |
| Setting Name: | NMAS Authentication |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | NMAS Authentication |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | If this setting is on, Novell Modular Authentication Services (NMAS) is enabled during login. NMAS authentication adds additional security to the network. However, if your network does not use NMAS, login may take additional time and you might want to disable NMAS authentication by changing this setting to off. |
| Setting Name: | OEM Extended ASCII Password |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | OEM Password |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | If this setting is on, the use of the OEM extended ASCII characters in passwords is enabled. You should only use OEM extended ASCII characters if you have legacy software that requires you to use the OEM Code Page. The latest versions of Novell Client support extended ASCII characters using the UNICODE code page and do not need this setting to be enabled in order to handle special characters such as s Ñ, or €. |
| Setting Name: | Policy Path and Filename |
| Logical Value Type: | STRING |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | WS\System32 |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA\Policy Support] |
| Registry Value Name: | Policy Path |
| Default Registry Data: | \\System32 |
| Registry Value Data Type: | STRING |
| Help/Comment: | To specify your policy path and filename, enter the path to your policy file in this setting. The path must be a valid UNC path. UNC-style pathnames do not use the usual MS-DOS pathname convention (drive:\directory). Instead, use the following format: \server\volume\dir1\dir2\filename.ext |
| Setting Name: | Remember WS Only |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Remember WS Only |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Determines whether or not the Workstation Only checkbox will remember the previous setting that was used. Setting this parameter to On causes the Workstation Only checkbox to remember the previous setting. Setting it to Off causes the Workstation Only checkbox to use the Workstation Only Default parameter value. |
| Setting Name: | Server Connection Retries |
| Logical Value Type: | OFF/ON |
| Range From: | 0 |
| Range To: | 60 |
| Default Value: | 5 |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Max Retries |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | This parameter controls the number of times that Login will try to establish a connection to a server. If Login tries to connect to a server and fails, it will wait 1 second and then try to connect again. It will continue to do this until the number of retries has been reached. It is recommended that this setting be no higher than 20. See TID 10086052. |
| Setting Name: | Suppress single sign-on for this login |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Show SSO |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Suppress single sign-on for this login checkbox appears on the Login dialog. This checkbox only appears on the Login dialog if the Novell single sign-on product is installed on the workstation. The checkbox allows you to disable the single sign-on process for the current login attempt. |
| Setting Name: | Tree Box |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ TAB SETTINGS\NDS] |
| Registry Value Name: | DisableTree |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Checkbox on screen is "on", when disable is "off" Specifies whether the Tree is displayed on the Login dialog. |
| Setting Name: | Tree Browse Button |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ TAB SETTINGS\NDS] |
| Registry Value Name: | DisableTreeBrowse |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Checkbox on screen is "on", when disable is "off" Specifies whether the Tree Browse button is displayed on the Login dialog. |
| Setting Name: | Variables Button |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | variables |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Variables button on the Login dialog is enabled. The button allows you to enter login script variables to be used when the user logs in. |
| Setting Name: | Workstation Only |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Workstation Only |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Specifies whether the Workstation Only checkbox appears on the Login dialog. The Workstation Only checkbox is used to log in to the Windows workstation without logging in to the NetWare network. Setting this to "0" will cause the "Workstation Only" checkbox to not be displayed, so that the user MUST log into NetWare. |
| Setting Name: | Workstation Only Default |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Default WS Only |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | This is the default value for the Workstation Only checkbox. This paramter only applies when the Remember Workstation Only Setting parameter and the Workstation Only if not connected parameter are both set to Off. |
| Setting Name: | Workstation Only if not connected |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Check Workstation Only if Disconnected |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | This parameter causes Login to check the network connection status and set the Workstation Only checkbox accordingly. If this parameter is set to On and Login cannot determine that a valid network connection exists, it checks the Workstation Only checkbox. If this parameter is set to Off, Login does not attempt to determine the network connection status. |
| Setting Name: | Workstation Only login after network login |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] |
| Registry Value Name: | Workstation Only Fallback |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Determines whether or not a Workstation Only login is attempted if the login to the network fails. Setting this parameter to On causes a Workstation Only login to be attempted if the network login fails. Setting it to Off skips the Workstation Only login after a network login failure. |
Service Location Tab
| Setting Name: | Scope list (list) |
| Logical Value Type: | List |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ ervices\SRVLOC\Parameters]\Scope |
| Registry Value Name: | 0,1,etc |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | value is name of filter |
| Help/Comment: | This is a list of scope names to be reported to SLP applications on this workstation. Multiple scope names are allowed. The list order reflects the preference order. Scopes can also be configured via DHCP or discovered dynamically from Directory Agents. A scope is like a collection of services within a logical group. You might want to use a scope to create a group of directory agents and services registered with these directory agents in a large organization. |
| Setting Name: | Static |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters] |
| Registry Value Name: | Static Scopes |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Check the Static check box if you don't want the list to be supplemented by scopes that are discovered dynamically from Directory Agents. If you check the Static check box for the Directory Agent list, SLP requests will be sent to the Directory Agents whose addresses or DNS names have been configured in the list. Otherwise, SLP will send request to all Directory Agents advertised in the network. |
| Setting Name: | Filters (Button) |
| Logical Value Type: | Key N/A |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | N/A |
| Registry Value Name: | N/A |
| Default Registry Data: | None (value not present in registry by default) |
| Value Type: | |
| Help/Comment: |
| Setting Name: | Registration Filter Scope List (list) |
| Logical Value Type: | List |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters]\RegScope |
| Registry Value Name: | name of filter |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | filter list is 0,1,etc with value being Filtered Service Type List entry This is a list of registration filter scope names that will be reported to SLP applications on this workstation. Multiple scope names are allowed. When registering services, this list is used in addition to the general Scope List already created. |
| Setting Name: | Filtered Service Type List (list) |
| Logical Value Type: | List |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters]\RegScope\<name of filter> |
| Registry Value Name: | 0,1,etc |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | value being Filtered Service Type List entry This is a list of registration filter scope names that will be reported to SLP applications on this workstation. Multiple scope names are allowed. When registering services, this list is used in addition to the general Scope List already created. This entry becomes the second in the list. If you only have one entry, disable this. If you have more than two entries, copy this one, replace the '1' in the value with '2', etc. |
| Setting Name: | Use Strict Registration Filtering |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters] |
| Registry Value Name: | Strict Registration Filtering |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | To limit the registration filter scope to this specific list of scopes, check the Use Strict Registration Filtering check box. |
| Setting Name: | Directory Agent List (list) |
| Logical Value Type: | List |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | No Default Value |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters]\Directory Agent |
| Registry Value Name: | 0,1,etc |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | value is name of DA This is a list of SLP Directory Agent addresses. Multiple Directory Agent addresses are allowed. Each address is a fully qualified domain name (DNS), or a dotted decimal IP address. Directory Agents can also be configured via DHCP, or discovered dynamically. |
| Setting Name: | Static |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | OFF |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\SRVLOC\Parameters] |
| Registry Value Name: | Static Das |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | STRING |
| Help/Comment: | Check the Static check box if you don't want the list to be supplemented by scopes that are discovered dynamically from Directory Agents. If you check the Static check box for the Directory Agent list, SLP requests will be sent to the Directory Agents whose addresses or DNS names have been configured in the list. Otherwise, SLP will send requests to all Directory Agents advertised in the network. |
Advanced Settings Tab
| Setting Name: | Auto Reconnect |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\NetWareWorkstation\Parameters] |
| Registry Value Name: | Reconnect_Level |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Enables/disables client auto reconnect. |
| Setting Name: | Bad Address Cache Timeout |
| Logical Value Type: | Number |
| Range From: | 0 |
| Range To: | 172800 |
| Default Value: | 300 |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\NetWareWorkstation\Parameters] |
| Registry Value Name: | BadAddressCacheTimeout |
| Default Registry Data: | None (value not present in registry by default) |
| Registry Value Data Type: | DWORD |
| Help/Comment: | This parameter determines the number of seconds a Bad Address will remain in the Bad Address Cache. If the Client is unable to establish a connection to an IP or IPX address, it stores that address in the Bad Address Cache for the number of seconds specified in this parameter. Setting this parameter to 0 disables the Bad Address Cache. The bad address cache is a list of unreachable addresses held in memory. If the Client needs to talk to an address, it sends a request to the protocol stack (IP or IPX) and the protocol stack tries to find and establish a connection with that address. If the protocol stack cannot establish a connection, then that address gets marked as "bad" for five (5) minutes. There is no way to find out what addresses are currently populated in the workstation's bad address cache. If the address is an IP address, the Novell client sends a request to the TCP/IP stack on the Windows workstation. The TCP/IP stack makes three requests (SYN requests) to connect to that IP address. If the TCP/IP stack does not get a response back to those three requests, the TCP/IP stack returns a failure to the Novell client. The Novell client then places that "bad" IP address into the bad address cache (in memory) for five minutes. If the address is an IPX address, the Novell client sends a request to NWLINK.SYS on the Windows workstation. NWLINK.SYS is Microsoft's IPX protocol stack. NWLINK.SYS will RIP for that IPX address. If NWLINK.SYS does not get a RIP response back, then the IPX stack returns a failure to the client. The Novell client then adds the IPX address to the bad address cache (in memory) for five minutes. The bad address cache was implemented to help improve performance to dead or bad addresses. It is enabled by default. However, in a network that is having communications problems (dropped packets, overloaded NetWare servers, etc.), the bad address cache can cause connectivity issues. Please see TID 10076045 titled "Slow login times when mapping a drive to a server that is down". It is possible to enter addresses to which you never want to be connected. See "Bad Address Cache" in the Comprehensive Listing of Novell Client Settings section of this document. Bad addresses are added to the Bad Address Cache, and the corresponding Bad Server name is added to the Bad Server Name Cache. |
| Setting Name: | Bad Server Name Cache Enabled |
| Logical Value Type: | OFF/ON |
| Range From: | N/A |
| Range To: | N/A |
| Default Value: | ON |
| Registry Key: | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\NetWareWorkstation\Parameters] |
| Registry Value Name: | Bad Name Cache Enabled |
| Default Registry Data: | 1 |
| Registry Value Data Type: | DWORD |
| Help/Comment: | Enables/disables Bad Server Name Cache. Bad Server Na me Cache is used to keep track of server names the client has tried to resolve but have failed. Once a server name is placed in that cache list, the client will not hit the wire to contact it. The bad name cache is an enhancement to the Novell client to help increase performance. A server name gets added to the bad name cache when none of the Name Service Providers can locate that resource. For example, let's say a workstation has IP and IPX protocols bound to the Novell client. A request is made to find the file server FS1. Assuming all the protocol components for IP and IPX are selected and used, the client will try to find server FS1 via the local host file, NDS, DNS, SLP, Bindery, and SAP. If the client can not find server FS1 via any of these methods, then the file server name FS1 gets added to the bad name cache for five (5) minutes. Any attempts to try to resolve FS1 within those five minutes will automatically fail - you will never see any requests on the wire (LAN interface) for FS1, even though the application may attempt to connect to FS1. This dynamic method of populating the bad name cache is only in memory; only the programs that access it (NWFS.SYS) have access to the contents of the dynamic bad name cache. There is not a way to go in a view the contents of the dynamic bad name cache on a workstation. However, there is a way that the Bad Name Cache can be enabled for certain names. See the entry for |