With this feature enabled, LDAPAuth will encrypt and store the Windows workstation or the AD domain user password locally and retrieve it when required, hence the user need not re-enter the workstation password from the next login onwards.
With NESCM as the login method, this feature is supported in the LDAP Gina or Credential Provider mode with eDirectory. When logging in with NESCM in either online or offline mode, just entering the PIN is sufficient.
ActivClient version 6.2 or later / Gemalto PKCS11 for .NET V2+
NICI v2.7.6
NMAS v3.5.0
NESCM v3.0.8
NOTE:Disconnected Login Using NESCM is not supported on Windows server 2003 and Windows server 2008.
To enable Disconnected Login using NESCM, create the following registry settings:
|
Registry Path |
Registry Type |
Registry Name |
Registry Value |
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\LDAP |
DWORD |
DisconnectedRequired |
1 |
|
DWORD |
LDAPAuthNMASSelected |
1 |
|
DWORD |
UsePasswordFieldforNMAS |
1 |
|
String |
LDAPAuthNMASSequence |
Enhanced Smart Card |
|
DWORD |
DoNotShutdownNSL |
1 |
|
HKEY_LOCAL_MACHINE\SOFTWARE\Protocom\SecureLogin |
DWORD |
TryRegCredInOffline |
1 |