The Client Login Extension (CLE) facilitates password self-service by adding a link to the Novell Microsoft Credential Provider (MSCP), and Microsoft GINA login clients. When users click the link in their login client, the Client Login Extension launches a restricted browser to access the Password Self-Service feature on the login clients. This feature assists in reducing help desk calls from people who forget their passwords.
In Windows 2003 and Windows XP, the password recovery support is available for graphical authentication interfaces such as GINA for the Novell Client and LDAP clients like Novell SecureLogin.
In the absence of the Novell Client and LDAP clients, the password recovery support is provided by the default Microsoft GINA, implemented by Client Login Extension.
In Windows Vista and Windows 7, the password recovery support is available for graphical authentication interfaces such as Credential Provider for LDAP clients and the Novell Client. In the absence of these clients, the password recovery support is provided by the default Microsoft Credential Provider implemented by the Client Login Extension.
A credential provider filter component is provided by the Client Login Extension. This credential provider filter function is to filter out any existing credential provider in the user system. If the Novell Client or SecureLogin credential provider is present, then Client Login Extension filters the credential provider provided by the Client Login Extension.
Password recovery support through the Client Login Extension tool is also available for locked workstations and for workstations in which user operations are controlled by Desktop Automation Services (DAS).
The Administrator runs the Configuration Utility of the Client Login Extension and provides registry entries for the MSI file. The registry entries for the MSI file include a welcome note, the text to be shown as a link, the URL of the target server, and other required options. The entered values are displayed as fields on the restricted password self-service browser. A user who forgets the password should provide the required values in the self-service browser and retrieve the forgotten password.
Running the Configuration Utility of the Client Login Extension configures the Client Login Extension MSI file, which you then install on client workstations running the Novell Client software, Novell SecureLogin 7.0 SP1, Microsoft Credential Provider, or the Microsoft GINA. The Client Login Extension works on Windows 7, Windows XP, Windows Vista, and Windows 2000 workstations.
The Client Login Extension MSI files are available in a number of different languages. You must configure the Client Login Extension file for each language, including English, before it can be used.
The Client Login Extension Configuration utility allows the system administrator to specify the following configuration information for the Client Login Extension MSI file:
You can set the URL for password self-service.
For the Microsoft GINA client, Microsoft Credential Provider, or Novell SecureLogin 7.0 SP1, you can include text such as, “Forgotten Password” for the link to password self-services.
NOTE:The Client Login Extension for Novell Identity Manager works with native Microsoft GINA, Microsoft Credential Provider, Novell SecureLogin 7.0 SP1, and the Novell Client 2 SP1 or later. The Client Login Extension does not work with any application that alters Microsoft GINA, except the Novell Client 2 SP1 or later. The Client Login Extension has been tested for use on licensed Novell Identity Manager 3.5 and later systems.
The remaining sections in this guide step you through installing and using the Client Login Extension Configuration utility to configure the Client Login Extension MSI files. The instructions for using the Client Login Extension MSI files are also included in these sections.