Client Login Extension for Novell Identity Manager 3.5 Security Fix

The Client Login Extension provided in version 3.5 of Identity Manager writes a user's name and password to a local file when the user logs in. This file can only be read by a user that's logged in to the local workstation. This does not affect the IDM 3.5 CLE media or patch downloaded after Aug 1, 2007

CLE has since been fixed such that names and passwords are never written to a file. The file will also be deleted if it exists.

Immediate deployment of the newer build is highly recommended. You must upgrade to IDM 3.5.1 or newer and then install the latest patch for Novell Client Extension.  IDM 3.6.1 driver patches will work with IDM 3.5.1 and later.