Novell Home

My Favorites

Close

Please to see your favorites.

ZCM agent with nwclient ignores DefaultRealm configuration when multiple realms are configured

This document (7010869) is provided subject to the disclaimer at the end of this document.

Environment

Novell ZENworks Configuration Management 11.2

Situation

NetWare client is installed on a device where the ZENworks agent is set with EnableSeamlessLogin and DefaultRealm.  The DefaultRealm is set to Active Directory usersource.  The zone is configured for both AD and eDirectory user source.
 
Passive mode login using the NetWare client will default to the eDirectory usersource, ignoring the DefaultRealm setting.

Resolution

For ZCM 10.x: A fix for this issue is intended to be included in a future update to ZCM 11.x: however, in the interim, Novell has made a Patch available for testing, in the form of a Field Test File (FTF): it can be obtained at http://download.novell.com/Download?buildid=R3Tl8c-jmWQ~ as "ZCM 10.3.4 - fix for ZCM agent with nwclient ignores DefaultRealm configuration - see TID 7010869". This Patch should only be applied if the symptoms above are being experienced, and are causing problems.

This Patch has had limited testing, and should not be used in a production system without first being checked in a test environment. Some Patches have specific requirements for deployment, it is very important to follow any instructions in the readme at the download site. Please report any problems encountered when using this Patch, by using the feedback link on this TID.

For ZCM 11.x: This is fixed in version 11.2.3a - see TID 7011295 "ZENworks Configuration Management 11.2.3a - update information and list of fixes" which can be found at http://www.novell.com/support/search.do?usemicrosite=true&searchString=7011295

Cause

In version 11.2.1 the order for login is this:
  1. If only one user source is configured in the zone, by default agent consumes it and proceeds with Passive Login.
  2. Agent checks for any Cached Realm names  in the registry :
    HKLM\SOFTWARE\NOVELL\ZCM\ZenLgn\History\CachedUserZenNames.
    If it matches with entry of current user, it retrieves the Realm name from registry.
  3. Check if passed Realm name (from either NWClient or MS login) matches the configured Realms, then use it.
  4. Check for Seamless login & Default realm reg keys and proceed with Default realm.

The report to engineering is to reverse the order of 3 and 4 above.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7010869
  • Creation Date:03-OCT-12
  • Modified Date:11-JUL-13
    • NovellZENworks Configuration Management

Did this document solve your problem? Provide Feedback