-1680 Error returned to client using an NMAS Login Method
This document (3218625) is provided subject to the disclaimer at the end of this document.
Novell Client for Windows 2000/XP/2003 4.91
If all login methods are desired to be authorized, which is the default scenario, then any existing sasAuthorizedLoginSequences attribute values in the tree, particularly in the search path of user, container, partition root, then Login Policy object should be deleted.
In one case after newly installing the PCProx functionality in a tree, all users were failing with the -1680 error. They found that there were old sasAuthorizedLoginSequence attribute values for no longer used methods on the Users Container. After removing the sasAuthorizedLoginSequences attribute from the Users container, users could successfully log in with the PCProx method.
The full search path NMAS will scan when looking for the sasAuthorizedLoginSequences attribute is first the User object, then the User Object Container, then the Partition Root container for the user, and finally, the Login Policy object in the security container. If NMAS doesn't find the attribute at the lower levels, it will continue searching to the Login Policy object. If it doesn't find one there, the default is that all Login Sequences are authorized.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:3218625
- Creation Date:06-SEP-07
- Modified Date:26-APR-12
- NovellNMAS (Modular Authentication Service)
Did this document solve your problem? Provide Feedback