For anyone who is interested in Advanced Authentication integration with the Client for Open Enterprise Server, and/or has been using the first phase of Advanced Authentication integration that was delivered in March 2017 with Client for Open Enterprise Server 2 SP4 (IR6):
A public beta build of the Client for Open Enterprise Server 2 SP4 (IR11 Beta 20181108a) has been made available, which contains the implementation of the next phase of integration between Advanced Authentication and the Client for Open Enterprise Server.
This build can be downloaded from the beta site at
The primary change with regard to Advanced Authentication integration is that the IR11 client now provides the ability to utilize the Client for Open Enterprise Server credential provider to manage the Advanced Authentication + eDirectory + Windows logon experience.
In high-level, this new integrations in Client for OES helps customers:
- using Zenwork Dynamic Local Users policy with Client for OES to use Multi-factor authentication using Advanced Authentication.
- Integrate Multi-factor Authentication with Client for OES during every logins and unlock scenarios.
- Integrate Multi-factor Authentication with Client for OES during “Change Password” Scenarios.
- maintain same native Login experience with Client for OES for easy adaptability.
As compared to the previous IR6 through IR10 integration behavior, which depended on the NetIQ Advanced Authentication credential provider to perform a Windows-only logon; followed by a secondary eDirectory-only login through the Client for Open Enterprise Server in a manner similar to “Login with Third-Party Credential Provider”.
You can download feature Doc or refer beta documentation site which illustrates the new integration behaviors which will be available as part of Client for Open Enterprise Server 2 SP4 (IR11) when released. Note the last page of the .PDF also contains a list of known issues or behaviors which
are not yet working as of the IR11 Beta 20181108a build.
The window for feedback on further changes or improvements to the IR11 Advanced Authentication integration behavior closes in about two weeks from now. Any input will be gladly accepted whenever you can provide it, but two weeks is just when that feedback might have the best opportunity to affect the actual IR11 release.
The actual IR11 release will be at some point soon after that; but contingent on any remaining issues or behaviors QA identifies and the time required to address them
For any feedback, feel free to contact