Windows roaming user profiles no longer working as expected with SecureLogin installed.

Document ID:7940698
Creation Date:19-Aug-2009
Modified Date:22-May-2012
- Micro Focus Products:
  SecureLogin

Environment

SecureLogin

SecureLogin SSO

NSL 6.0.100

NSL 7.0.x
AD, Citrix, Terminal Services

Situation

Issue

Windows roaming user profiles no longer working as expected with SecureLogin installed.

With SecureLogin installed roaming profiles fail and printers and outlook settings do not roam with the user. If SecureLogin is uninstalled, everything operates as expected.

Time to login to AD increases after installing SecureLogin

Resolution

Cause

This is caused by Windows profile saving issues with Microsoft’s Data Protection API (DPAPI). When the user profile is read during SecureLogin load, an issue occurs in some environments that can be resolved using a SecureLogin registry setting.

Solution

Edit the registry and create a DWORD value called ForceHKLMandNoDPAPI in

HKEY_LOCAL_MACHINE/SOFTWARE/Protocom/SecureLogin/

Set this value to 1.