Minimum directory version: Novell eDirectory 8.7.3 or Microsoft Active Directory on Windows 2000 SP4.
Minimum LDAP version: LDAPv3
Minimum user account rights: Read rights.
For Active Directory, you can use a basic user account. This provides sufficient read access to the directory.
For eDirectory, you need inheritable read rights to the following attributes: CN, O, OU, C, DC, GUID, WM:NAME DNS, and Object Class. You can assign the rights at the directory’s root context or at another context you designate as the ZENworks root context.
The username and password used to access the user source directory are stored in clear-text format on the ZENworks Linux Primary servers in the /etc/CASA/authtoken/svc/iaRealms.xml file. By default, the access to this file is limited because of security reasons.
If you are an eDirectory user the required access rights that are provided by default are: Read, Write, Create, Erase, Modify, File Scan, and Access Control. These rights are sufficient to access a Roaming profile.
DNS name resolution: With Active Directory, your ZENworks Servers (in particular, the DNS clients on the ZENworks Server) must be able to resolve the DNS name of each Active Directory domain defined as a user source. Otherwise, users from the Active Directory domain cannot log in to the ZENworks Management Zone.