When configured for passive mode login, the Novell Client’s NWGina defers to the Microsoft Graphical Identification and Authentication Dynamic Link Library (msgina.dll) for the initial workstation login. After authentication to the workstation, NWGina attempts to authenticate to the Novell environment. The username and password used for workstation authentication are also used for the Novell authentication.
To successfully authentication to the Novell environment, the username must exist in eDirectory, and the default location profile must be properly configured with the Tree and Context information.
To enable passive mode login, set the following registry keys:
[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA] “PassiveMode”=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login] “PassiveModeNDSLogin”=dword:00000001 “PassiveModeNDSLoginSilent”=dword:00000000 or 00000001 “PassiveModeNDSLoginRequired”=dword:00000000 or 00000001
PassiveMode: (0/1) default is 0 0 = normal mode 1 = passive mode
PassiveModeNDSLogin: (0/1) default is 0 0 = don't do Novell login 1 = do Novell login
PassiveModeNDSLoginSilent: (0/1) default is 0 0 = report Novell login errors 1 = don't report Novell login errors
PassiveModeNDSLoginRequired: (0/1) default is 0 0 = don't require Novell login 1 = require Novell login
If the PassiveModeNDSLoginRequired setting is True (1), the GINA login experience requires a successful Novell authentication in order to succeed.
The PassiveModeNDSLoginSilent setting requires functionality released in the Novell Client for Windows XP/2003 4.91 SP3 or later.
Login scripts are not processed in passive mode. A workaround is to run them after the GINA login. You can do this by placing a run entry in the registry, or you can create an entry in the startup folder.
The following in a run key example:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “nwscript=reg_expand_sz:loginw32.exe %username% /NA /CONT