Novell Home

My Favorites

Close

Please to see your favorites.

How to configure "Computer Only Logon If Not Connected" functionality

This document (7009517) is provided subject to the disclaimer at the end of this document.

Environment

Novell Client 2 SP2 for Windows Vista
Novell Client 2 SP2 for Windows 7
Novell Client 2 SP2 for Windows 2008
Novell Client 2 SP2 for Windows 2008 R2

Situation

Starting with the Novell Client 2 SP2 for Windows (IR3), a "Computer Only Logon If Not Connected" functionality is available.  This TID describes the configuration and usage of the new functionality introduced in this update.  Note this functionality is similar in intention to the "Workstation Only Logon If Not Connected" feature in the previous Novell Client for Windows XP/2003.

Resolution

To enable the "Computer Only Logon If Not Connected" feature:

1. Log on to the Windows machine with administrative privileges.

2. Edit the registry and navigate to the existing
\HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ key.

3. Create a subkey named "Computer Only Logon If Not Connected", such that a key path of \HKEY_LOCAL_MACHINE\Software\Novell\Login\Computer Only Logon If Not Connected\ now exists.

4. Under the "Computer Only Logon If Not Connected" key, create the following entries:
  • A DWORD (32-bit) value named "Enable". If the value of this entry is set to 1, the "Computer Only Logon If Not Connected" feature is enabled.  If this value does not exist or is set to 0 (zero), the feature is disabled.
  • Optionally, create a Multi-String (not String) value named "Network Category List". This Multi-String can be set to one or more of the following values, which correspond to the names Windows uses to describe network categories: "Home", "Work" and "Public".
  • Optionally, create a Multi-String named "Network Name List". This Multi-String can contain a list of one or more names that have been assigned to networks identified by Windows. For example, "Network 1", "Network 2", "My-Residence", "My-Office" and so on.
Windows Multi-String values intend to have each item entered on its own separate line.  Meaning you will not comma-separate or use other delimiters when entering multiple values.  To enter multiple network category names or multiple network names, when using Windows REGEDIT on a Multi-String value simply press the ENTER key after each value to input each value on its own separate line of the REGEDIT Multi-String editor.



The "Computer Only Logon If Not Connected" feature takes effect when the "Enable" value is set to 1, even without the "Network Category List" or "Network Name List" values being defined.  When the "Computer Only Logon If Not Connected" feature is enabled, at minimum the Novell Client will automatically perform a Computer Only Logon instead of a Novell Logon if Windows reports there are not any active network interfaces when the logon attempt is initiated.

If the "Network Category List" is defined, the Novell Client will query Windows to determine what category each identified network belongs to.  ("Work", "Home", or "Public".)  The "Network Category List" names which Windows network
categories the "Computer Only Logon If Not Connected" feature should assume CAN NOT access Novell eDirectory servers.

Note this means if any one of the currently active networks detected by Windows is assigned to a category which does NOT appear in the configured "Network Category List", the "Computer Only Logon If Not Connected" functionality will
not engage.  For example, assume the "Network Category List" has been configured with "Home" and "Public".  During the next logon attempt, Windows reports there are two "Public" networks detected and one "Work" network detected.  In this case the Novell Client will perform a normal Novell Logon, because there one network present (the "Work" network) which isn't in the "Network Category List".

If the "Network Name List" is defined, the Novell Client first performs the "Network Category List" processing described above if the "Network Category List" is defined.  After matching the active network categories against the "Network Category List", if there is still one or more active Windows networks which hasn't been excluded based on category, the Novell Client will match those network names against the "Network Name List".  The "Network Name List" names individual Windows network names the "Computer Only Logon If Not Connected" feature should assume CAN NOT access Novell eDirectory servers, regardless of what Windows network category the named networks belong to.

For example, assume the "Network Category List" has been configured with "Home" and "Public", and the "Network Name List" has been configured with "RemoteOffice".  During the next logon attempt, Windows reports a "Public"
network and also a "Work" network named "RemoteOffice".  Even though based on the "Network Category List" alone a Novell Logon would have been attempted due to presence of the "Work"-category network, because the "Work" network is named "RemoteOffice" and this network name appears in the "Network Name List", the Novell Client will actually consider that none of the active networks detected by Windows qualify for attempting a Novell Logon.  A Computer Only Logon will be initiated instead.

To use the "Computer Only Logon If Not Connected" feature:

1. Logout of Windows, or reboot the machine.

2. Select the "Novell Logon" link on the Windows logon page, if the Novell Client login is not already in "Novell Logon" mode.  If "Computer Only Logon" mode is explicitly selected, the "Computer Only Logon If Not Connected" feature
does not need to engage.

Note by default, the Novell Client remembers whether "Novell Logon" or "Computer Only Logon" was last used, and will default to that mode during the next logon.  If you want the Novell Client to always come up in "Novell Logon" mode and then just let the "Computer Only Logon If Not Connected" automatically decide whether a Novell Logon attempt is actually appropriate, change the "Computer Only Logon Default" setting from "Automatic" to "Never" in the "Advanced Login" tab of the Novell Client Properties.

3. Now attempt to logon in Novell Logon mode.  Once you enter your password and press the submit button, the Novell Client will begin the "Computer Only Logon If Not Connected" processing of querying Windows for connected network names and categories, and matching those names and categories again any configured "Network Category List" and "Network Name List" values.

4. If the Novell Client determines there are one or more active Windows networks present over which a Novell Logon attempt will be appropriate, the Novell Client will simply proceed with normal Novell Logon processing of attempting to login to both eDirectory and the Windows account.

5. If the Novell Client determines that all of the active Windows networks match either the configured "Network Category List" or "Network Name List", or if Windows reports there simply are not any active Windows networks, even though the Novell Client was in Novell Logon mode when the logon attempt was initiated, the eDirectory login will be transparently skipped, and only the Windows account logon attempt will be made.

6. Note in cases where the Windows account password is not the same as the eDirectory account password – for example, because the Windows account password was normally supplied from a Novell ZENworks Dynamic Local User (DLU) policy, or the password was expected to be retrieved by NMAS-based Single Sign-On – the Windows-only account logon attempted by "Computer Only Logon If Not Connected" will not be able to succeed using the eDirectory password.

The Novell Client will still skip the eDirectory logon attempt and will perform just a Computer Only Logon, but the user will have to manually enter their Windows account password.  This is only an issue in cases which otherwise would have retrieved their Windows account passed from Novell eDirectory-based sources.

Additional Information

This feature allows the Novell Client to automatically select performing a "Computer Only Logon" when the available network connectivity fails to meet specific criteria, or when simply no network connectivity is available at all.

The "Workstation Only If Not Connected" option in the Novell Client for Windows XP/2003 functioned purely on "Does Windows know of one or more active network interfaces?" to decide whether or not to automatically select the "Workstation Only" login option.  While this approach was useful in many cases, scenarios where the workstation was still connected to a network over which the eDirectory servers were not accessible (such as a home broadband network) could prevent the feature from engaging.  The fact this feature decided to enable or disable the "Workstation Only" option before any logon attempt occurred could also be a limitation, if Windows was still in the process of starting up and more Windows network interfaces arrived after "Workstation Only if Not Connected" had already made its decision.

The Novell Client for Windows "Computer Only Logon If Not Connected" feature, when enabled, improves upon both of these points.  Instead of "any Windows network interface", it is now possible to specify specific Windows network categories (e.g. "Work", "Home", "Public") for which a "Computer Only Logon" is preferred.  Additionally, specific names assigned to Windows networks (e.g. "Network 1", "Network 2", "My Office", etc.) can be specified for more granular control.

Finally, the "Computer Only Logon If Not Connected" feature does not make its decision about whether to proceed with a Novell Logon or automatically switch to Computer Only Logon until the user actually initiates a logon attempt.  Thereby permitting the maximum time possible for additional network interfaces to arrive or be detected before the feature makes its decision.

The "Computer Only Logon If Not Connected" feature, when enabled, also maintains the basic "if no Windows network interfaces are available, perform a Computer Only Logon instead of Novell Logon" functionality.  This functionality can be used even without having to specify any Windows network names or categories.

At the next available opportunity, the Novell Client will add configuration of the "Computer Only Logon If Not Connected" feature into the Novell Client Properties configuration interface.  Until then, this feature can be enabled by directly editing the described registry configuration.
 
NOTE:
Prior to the release of Novell Client 2 SP2 for Windows IR5 this functionality was only available with "Novell Logon" set to on.   With the release of Novell Client 2 SP2 for Windows IR5 this functionality is also available with the "Novell Logon" set to off.  The Novell Logon setting can be accessed from the "Advanced Login" tab in properties of the Novell Client 2.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7009517
  • Creation Date:18-JUN-12
  • Modified Date:12-FEB-14
    • NovellClient

Did this document solve your problem? Provide Feedback