eDirectory Intruder lockouts Windows Vista Users

  • 3576093
  • 06-Mar-2008
  • 26-Apr-2012

Environment

Novell Client for Windows Vista 1.0
CIFS

Situation

Users experience what appears to be random lock-outs of their eDirectory accounts. In a LAN trace, the machine first resolves the NCP shares of a server, and then proceeds to scan for the \IPC$ share via CIFS. If the server happens to have CIFS running, but doesn't have a simple password configured for the user, authentication fails repeatedly and the user is locked out.

Resolution

Solutions:

1. Configure simple password in the environment so authentcation completes successfully.
2. Resolve remote resources via distinct names rather than IP addresses. ie: 'Netware_SMB' for the CIFS access and 'Netware' for regular NCP
3. Disable CIFS if not used.

NetWare 6.5 sp6 and earlier

4. Modify the sys:\etc\cifsctxs.cfg file and add an entry for each affected user, e.g.

O=novell
-admin
-jdoe

(Both admin and jdoe would not be allowed to try to authenticate via CIFS.)