8.4 Setting Up the Computer Only Logon If Not Connected Feature

This feature allows the Client to automatically perform a Computer Only Logon when the available network connectivity fails to meet specific criteria, or when no network connectivity is available at all.

The Workstation Only If Not Connected option in the Novell Client for Windows XP/2003 functioned purely on "Does Windows know of one or more active network interfaces?" to decide whether or not to automatically select the Workstation Only login option. While this approach was useful in many cases, scenarios where the workstation was still connected to a network over which the eDirectory servers were not accessible (such as a home broadband network) could prevent the feature from engaging. The fact that this feature decided to enable or disable the Workstation Only option before any logon attempt occurred could also be a limitation, if Windows was still in the process of starting up and more Windows network interfaces arrived after Workstation Only If Not Connected had already made its decision.

The Client for Windows Computer Only Logon If Not Connected feature, when enabled, improves upon both of these points. Instead of any Windows network interface, it is now possible to specify specific Windows network categories (for example, Work, Home, and Public) for which a Computer Only Logon is preferred. Additionally, specific names assigned to Windows networks (for example, Network 1, Network 2, My Office, and so on) can be specified for more granular control.

Finally, the Computer Only Logon If Not Connected feature does not make its decision about whether to proceed with a Logon or automatically switch to Computer Only Logon until the user actually initiates a logon attempt, thereby permitting the maximum time possible for additional network interfaces to arrive or be detected before the feature makes its decision.

The Computer Only Logon If Not Connected feature, when enabled, also maintains the basic "if no Windows network interfaces are available, perform a Computer Only Logon instead of Logon" functionality. This functionality can be used even without having to specify any Windows network names or categories.

At the next available opportunity, the Client will add configuration of the Computer Only Logon If Not Connected feature into the Client Properties configuration interface. Until then, this feature can be enabled by directly editing the described registry configuration.

8.4.1 Enabling the Computer Only Logon If Not Connected Feature

  1. Log on to the Windows machine with administrative privileges.

  2. Edit the registry and navigate to the existing \HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\ key.

  3. Create a subkey named Computer Only Logon If Not Connected, such that a key path of \HKEY_LOCAL_MACHINE\Software\Novell\Login\Computer Only Logon If Not Connected\ now exists.

  4. Under the Computer Only Logon If Not Connected key, create the following entries:

    • A DWORD (32-bit) value named Enable. If the value of this entry is set to 1, the Computer Only Logon If Not Connected feature is enabled. If this value does not exist or is set to 0 (zero), the feature is disabled.

    • Optionally, create a Multi-String (not String) value named Network Category List. This Multi-String can be set to one or more of the following values, which correspond to the names Windows uses to describe network categories: Home, Work and Public.

    • Optionally, create a Multi-String named Network Name List. This Multi-String can contain a list of one or more names that have been assigned to networks identified by Windows. For example, Network 1, Network 2, My-Residence, My-Office and so on.

    • Optionally, create a DWORD (32-bit) value named Use Lists for Novell Logon. If the value of this entry is set to 1, the Network Category List and Network Name List values will be interpreted as criteria for networks which CAN access eDirectory servers, and when networks matching these criteria are present the Client should attempt a normal Logon. If the Use Lists for Novell Logon value does not exist or is set to 0 (zero), the Network Category List and Network Name List values will be interpreted as criteria for networks which CAN NOT access eDirectory servers, and if all connected networks match these criteria the Client should skip the eDirectory login attempt and proceed immediately with a Computer Only Logon instead. Continue reading the description below of the Network Category List and Network Name List values for additional explanation.

The Computer Only Logon If Not Connected feature takes effect when the Enable value is set to 1, even if the Network Category List or Network Name List values are not defined. When the Computer Only Logon If Not Connected feature is enabled, at minimum the Client will automatically perform a Computer Only Logon instead of a Logon if Windows reports there are not any active network interfaces when the logon attempt is initiated.

If the Network Category List is defined, the Client will query Windows to determine what category each identified network belongs to (Work, Home, or Public). When the Use Lists for Novell Logon value does not exist or is set to 0 (zero), the Network Category List names which Windows network categories the Computer Only Logon If Not Connected feature should assume CAN NOT access eDirectory servers, and assumes any non-matching connected networks CAN access eDirectory servers. When the Use Lists for Novell Logon value is set to 1, the Network Category List names which Windows network categories the Computer Only Logon If Not Connected feature should assume CAN access eDirectory servers, and assumes any non-matching connected networks CAN NOT access eDirectory servers.

If the Network Name List is defined, the Client first performs the Network Category List processing described above if the Network Category List is defined. After matching the active network categories against the Network Category List, the Client will additionally match the network names against the Network Name List. When the Use Lists for Novell Logon value does not exist or is set to 0 (zero), the Network Name List names individual Windows networks the Computer Only Logon If Not Connected feature should assume CAN NOT access eDirectory servers, regardless of what Windows network category the named networks belong to. When the Use Lists for Novell Logon value is set to 1, the Network Name List names individual Windows networks the Computer Only Logon If Not Connected feature should assume CAN access eDirectory servers, regardless of what Windows network category the named networks belong to.

After completing both the Network Category List processing (if defined) and the Network Name List processing (if defined), and after considering the meaning of those lists in relation to the Use Lists for Novell Logon value (if defined), if the Computer Only Logon If Not Connected feature has ultimately determined there are ONE OR MORE connected networks which CAN access eDirectory servers, a Logon attempt will be permitted to proceed normally and attempt an eDirectory login. If the Computer Only Logon If Not Connected feature ultimately determined that ALL of the connected networks CAN NOT access eDirectory servers, a Logon attempt will skip the eDirectory login attempt and proceed immediately with a Computer Only Logon instead.

For example, assume the Network Category List has been configured with Home and Public, the Network Name List has been configured with RemoteOffice, and the Use Lists for Novell Logon value does not exist or is set to 0 (zero). During the next logon attempt, Windows reports a Public network and also a Work network named RemoteOffice. Based on the Network Category List alone, a Logon would have been permitted to attempt eDirectory login due to the presence of the Work category network. However, because the Work network is named RemoteOffice and this network name appears in the Network Name List, the Client will actually consider that none of the active networks detected by Windows can access eDirectory servers. Attempting a Logon would result in the Client skipping the eDirectory login attempt and proceeding with a Computer Only Logon instead.
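The decision described above can be modelled in a few lines; this is an added Python example, not the Client's own code. The Config fields stand for the registry values from 8.4.1, while the function names, the exact-string matching, the behaviour when the feature is enabled with no lists defined, and the network name Network 1 in the sample are assumptions of the model.

```python
from dataclasses import dataclass, field

@dataclass
class Config:
    """Stands for the values under ...\\Login\\Computer Only Logon If Not Connected."""
    enable: int = 0                                      # Enable (DWORD)
    category_list: list = field(default_factory=list)    # Network Category List
    name_list: list = field(default_factory=list)        # Network Name List
    use_lists_for_logon: int = 0                         # Use Lists for Novell Logon

def can_reach_edirectory(cfg, name, category):
    """Classify one connected network as able or unable to reach eDirectory."""
    if not cfg.category_list and not cfg.name_list:
        # Assumption: with no lists defined, any connected network permits Logon
        # (only the "no active network" check remains in effect).
        return True
    # Category match first, then name match, which applies regardless of category.
    # Assumption: exact string comparison; the page does not say how names compare.
    matched = category in cfg.category_list or name in cfg.name_list
    # 1: the lists describe networks that CAN reach eDirectory.
    # 0 or absent: the lists describe networks that CAN NOT.
    return matched if cfg.use_lists_for_logon == 1 else not matched

def decide(cfg, networks):
    """networks: (name, category) pairs Windows reports when the logon is initiated."""
    if cfg.enable != 1:
        return "Logon"  # feature disabled: it does not intervene
    # One reachable network is enough; an empty list falls through to Computer Only.
    if any(can_reach_edirectory(cfg, n, c) for n, c in networks):
        return "Logon"
    return "Computer Only Logon"

if __name__ == "__main__":
    # The scenario from the text; "Network 1" is a constructed name for the
    # Public network, which the text leaves unnamed.
    nets = [("Network 1", "Public"), ("RemoteOffice", "Work")]
    both = Config(enable=1, category_list=["Home", "Public"],
                  name_list=["RemoteOffice"])
    cats_only = Config(enable=1, category_list=["Home", "Public"])
    print(decide(both, nets))       # Computer Only Logon
    print(decide(cats_only, nets))  # Logon
    print(decide(both, []))         # Computer Only Logon
```
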

8.4.2 Using the Computer Only Logon If Not Connected Feature

  1. Log out of Windows, or reboot the machine.

  2. Select the Logon link on the Windows logon page, if the Client login is not already in Logon mode. If Computer Only Logon mode is explicitly selected, the Computer Only Logon If Not Connected feature does not need to engage.

    NOTE: By default, the Client remembers whether Logon or Computer Only Logon was last used, and will default to that mode during the next logon. If you want the Client to always come up in Logon mode and then just let the Computer Only Logon If Not Connected feature automatically decide whether a Logon attempt is actually appropriate, change the Computer Only Logon Default setting from Automatic to Never in the Advanced Login tab of the Client Properties.

  3. Now attempt to log on in Logon mode. Once you enter your password and click Submit, the Client will begin the Computer Only Logon If Not Connected processing of querying Windows for connected network names and categories, and matching those names and categories against any configured Network Category List and Network Name List values.

  4. If the Client determines there are one or more active Windows networks present over which a Logon attempt will be appropriate, the Client will simply proceed with normal Logon processing of attempting to login to both eDirectory and the Windows account.

  5. If the Client determines that all of the active Windows networks match criteria indicating that they cannot access eDirectory servers, or if Windows reports there simply are not any active Windows networks, then even though the Client was in Logon mode when the logon attempt was initiated, the eDirectory login will be transparently skipped, and only the Windows account logon attempt will be made.

  6. Note that in cases where the Windows account password is not the same as the eDirectory account password (for example, because the Windows account password was normally supplied from a Novell ZENworks Dynamic Local User (DLU) policy, or the password was expected to be retrieved by NMAS-based Single Sign-On), the Windows-only account logon attempted by Computer Only Logon If Not Connected will not be able to succeed using the eDirectory password.

    In this case, the Client will still skip the eDirectory logon attempt and will perform just a Computer Only Logon, but the user will have to manually enter their Windows account password. This is only an issue in cases which otherwise would have retrieved their Windows account password from eDirectory-based sources.