Right, wrong or in different....we have pockets of users that do not use our
configured flavor of Novell's Client32 and use Microsoft's Client Services
for NetWare to access our NDS/NetWare file and print environment (NetWare 5.1
SP7 running NDS 8 (DS.NLM version 8.85c) and NLDAP (version 3.23).

We have introduced an ldapmodify method of performing a password change.

The password change is performed via an ldapmodify on the userpassword
attribute. When a password is changed via this method, Client32 computers
(2K and XP) can login fine. But computers (XP and 2K) running Microsoft's
Client Services for NetWare can not login. The incorrect login count does
increment. More interesting, the last login date and time updates, even
though no "login occurs".

If the password is changed via NOVELL NWadmin, NOVELL ConsoleOne or etc the
user can auth using Microsoft's Client Service for NetWare.

Any thoughts....

On Mon, 1 Nov 2004 06:59:11 -0800, "Gregory" >
wrote:

>Right, wrong or in different....we have pockets of users that do not use our
>configured flavor of Novell's Client32 and use Microsoft's Client Services
>for NetWare to access our NDS/NetWare file and print environment (NetWare 5.1
>SP7 running NDS 8 (DS.NLM version 8.85c) and NLDAP (version 3.23).
>
>We have introduced an ldapmodify method of performing a password change.
>
>The password change is performed via an ldapmodify on the userpassword
>attribute. When a password is changed via this method, Client32 computers
>(2K and XP) can login fine. But computers (XP and 2K) running Microsoft's
>Client Services for NetWare can not login. The incorrect login count does
>increment. More interesting, the last login date and time updates, even
>though no "login occurs".
>
>If the password is changed via NOVELL NWadmin, NOVELL ConsoleOne or etc the
>user can auth using Microsoft's Client Service for NetWare.
>
>Any thoughts....

Gregory,

Do all computers (including the "pockets of users") have both Novell client
products installed (but not used), or do the other users decline to install the
Novell Client32?

I wonder what the bindings look like for computers with both products installed?

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

The Novell Client32 client is the recommened client. But some groups or
individual users have chosen to not install/use Client32 and use MS Client
Services for NetWare (pockets).

The computers running MS Client Services for NetWare do not have Novell's
Client32 installed.

Again, if the userpassword attribute (the RSA key pair password) is changed
via an ldapmodify, Client32 computers can login just fine, but Client
Services for NetWare computers can not (failed login is seen as an invalid
password).

THX


"Chuck" wrote:

> On Mon, 1 Nov 2004 06:59:11 -0800, "Gregory" >
> wrote:
>
> >Right, wrong or in different....we have pockets of users that do not use our
> >configured flavor of Novell's Client32 and use Microsoft's Client Services
> >for NetWare to access our NDS/NetWare file and print environment (NetWare 5.1
> >SP7 running NDS 8 (DS.NLM version 8.85c) and NLDAP (version 3.23).
> >
> >We have introduced an ldapmodify method of performing a password change.
> >
> >The password change is performed via an ldapmodify on the userpassword
> >attribute. When a password is changed via this method, Client32 computers
> >(2K and XP) can login fine. But computers (XP and 2K) running Microsoft's
> >Client Services for NetWare can not login. The incorrect login count does
> >increment. More interesting, the last login date and time updates, even
> >though no "login occurs".
> >
> >If the password is changed via NOVELL NWadmin, NOVELL ConsoleOne or etc the
> >user can auth using Microsoft's Client Service for NetWare.
> >
> >Any thoughts....
>
> Gregory,
>
> Do all computers (including the "pockets of users") have both Novell client
> products installed (but not used), or do the other users decline to install the
> Novell Client32?
>
> I wonder what the bindings look like for computers with both products installed?
>
> Cheers,
> Chuck
> Paranoia comes from experience - and is not necessarily a bad thing.
>

On Tue, 2 Nov 2004 07:09:04 -0800, "Gregory" >
wrote:

>The Novell Client32 client is the recommened client. But some groups or
>individual users have chosen to not install/use Client32 and use MS Client
>Services for NetWare (pockets).
>
>The computers running MS Client Services for NetWare do not have Novell's
>Client32 installed.
>
>Again, if the userpassword attribute (the RSA key pair password) is changed
>via an ldapmodify, Client32 computers can login just fine, but Client
>Services for NetWare computers can not (failed login is seen as an invalid
>password).
>
>THX

Gregory,

Having general knowledge (from several years ago) of IPX/SPX and Netware
protocols, I can best suggest that maybe one of the comp.os.netware.* forums
might provide assistance with this problem.

From experience with Windows networking in general, I can only point out that
binding multiple / various protocols to any Windows installation sometimes
produces challenging and interesting results. I am simply guessing that the
ldapmodify procedure may be less compatible with MS Client Services for Netware,
than with Novell Client32. YMMV.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.