Novell Client for Windows 2000/XP/2003 4.91 SP3 Readme

November 17, 2006

Table of Contents

1.0 What’s New
1.1 Support Pack 3
1.2 Support Pack 2
1.3 Support Pack 1
1.4 Version 4.91
1.5 Changes
2.0 Installation Issues
2.1 Supported Windows Platforms
2.2 Supported Server Platforms
3.0 Login Issues
3.1 Login Fails when Specifying the Default NMAS Login Sequence
3.2 Installing SecureLogin 3.5 SP1 over the Novell Client 4.91 Prevents Login
3.3 Commenting Out the NMAS Load Line on NetWare 6.5 Server Causes the Client Login to Fail
3.4 Contextless Login Property Page Does Not Allow Cut and Paste Actions
3.5 ZENworks 6.5 Middle Tier Fails to Authenticate
3.6 Passive Mode Login Functionality
4.0 NMAS Issues
4.1 Older Versions of NICI Do Not Work with the Enhanced Password Method
5.0 Other Issues
5.1 Newer NetIdentity Client Files Might Cause Conflict
5.2 Files with Extended Attributes Do Not Copy to a Linux NSS Volume via NCP
6.0 Fixes Since the Last Release
7.0 Additional Documentation
8.0 Legal Notices

1.0 What’s New

1.1 Support Pack 3

The Novell® Client™ for Windows 2000/XP/2003 4.91 SP 3 contains bug fixes only. For a list of fixes, see Section 6.0, Fixes Since the Last Release.

1.2 Support Pack 2

This release includes additional Forgotten Password Recovery functionality. When a user logs in, the Novell® Client™ checks to see if the password policy uses Challenge Response and if the user has entered responses. If responses have not been entered, the user is notified and a dialog box opens so that he or she can enter the responses. Additionally, if the password policy uses a password hint or a password reminder and this had not been set, the Novell Client prompts the user to enter this information.

1.3 Support Pack 1

This release includes a new feature that lets users recover a forgotten password by using the “Forgot your password” link in the client login dialog box. For more information, see Using the “Forget Your Password?” Link in the Novell Client for Windows Installation and Administration Guide.

1.4 Version 4.91

The following features are new in version 4.91:

  • Changes to the Update Agent to allow you to deploy new property page settings.
  • Changes to Automatic Client Update that allow you to enable Update Agent on multiple workstations without running a complete software installation.
  • Changes to the Novell Client Update Agent and Automatic Client Update to allow components to be uninstalled.
  • Unicode* file naming in mixed language environments.
  • A Microsoft* Windows* System Restore Point is now created on Windows XP workstations prior to the Novell Client installation. System Restore allows you to restore your computer to its state before the Novell Client was installed, if a problem occurs, without losing data.
  • Implementation of the Novell Universal Password (also know as the NDS® Login Method) available in NetWare® 6.5 and later. It provides more robust and strong password and password management, with the ability to create a common password that can be used by all protocols to authenticate users. Also included are support for password hints, administrator messages, and password requirements.
  • Support for the NetIdentity agent

    The NetIdentity agent can be installed with the Novell Client or as a separate installation. It provides background authentication to Windows Web-based applications that require Novell eDirectory™ authentication, such as iPrint, Novell Virtual Office, and NetStorage.

1.5 Changes

The following changes have been made in version 4.91:

  • Windows NT* is no longer supported.
  • ZENworks® for Desktops 3.2 components have been deleted.

2.0 Installation Issues

2.1 Supported Windows Platforms

The Novell Client for Windows supports the following Windows operating systems:

  • Windows 2000 Professional
  • Windows 2000 Server
  • Windows 2000 Advanced Server
  • Windows Server 2003 Server Edition (32-bit versions only)
  • Windows Server 2003 Enterprise Edition (32-bit versions only)
  • Windows XP Professional
  • Windows XP Tablet PC Edition

IMPORTANT:The Novell Client does not run on Windows XP Home Edition, Windows XP 64-bit Edition, or Windows Server 2003 64-bit version.

2.2 Supported Server Platforms

The Novell Client for Windows works with all current versions of NetWare and Open Enterprise Server for Linux.

3.0 Login Issues

3.1 Login Fails when Specifying the Default NMAS Login Sequence

By default, the Novell Client attempts to perform an NMAS™ login using the NMAS login sequence that is configured in eDirectory. If nothing is specified, the Novell Client uses the default NMAS login sequence. This automatic fallback to the default can fail when logging in against an NMAS 2.3.4.1 server.

In the Login dialog box, select Advanced, select the NMAS tab, and then select NDS in the Sequence drop-down menu.

3.2 Installing SecureLogin 3.5 SP1 over the Novell Client 4.91 Prevents Login

Do not install SecureLogin 3.5 SP1 (or earlier) after installing the Novell Client 4.91. SecureLogin installs NMAS Client 2.7 over the NMAS Client 3.0. The Novell Client requires the NMAS Client 3.0; it is not compatible with the previous versions of the NMAS Client.

To solve this, reinstall the Novell Client 4.91.

3.3 Commenting Out the NMAS Load Line on NetWare 6.5 Server Causes the Client Login to Fail

If you remark out (rem) the NMAS load line in the autoexec.ncf file on a NetWare 6.5 server, the Novell Client cannot log in to the server. NMAS should not be removed from a NetWare 6.5 server.

3.4 Contextless Login Property Page Does Not Allow Cut and Paste Actions

You cannot copy, cut, or paste from within some fields of the contextless login property page.

3.5 ZENworks 6.5 Middle Tier Fails to Authenticate

Users and workstations can no longer authenticate through the middle tier after installing the Novell Client. For more information, see TID 10093371.

3.6 Passive Mode Login Functionality

When configured for passive mode login, the Novell Client’s NWGina defers to the Microsoft Graphical Identification and Authentication Dynamic Link Library (MSGINA.DLL) for the initial workstation login. After authentication to the workstation, NWGina attempts to authenticate to the Novell environment. The username and password used for workstation authentication are used for the Novell authentication.

To successfully authentication to the Novell environment, the username must exist in eDirectory, and the default location profile must be properly configured with the Tree and Context information.

To enable passive mode login, set the following registry keys:

[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\NWGINA]
“PassiveMode”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login]
“PassiveModeNDSLogin”=dword:00000001
“PassiveModeNDSLoginSilent”=dword:00000000 or 00000001
“PassiveModeNDSLoginRequired”=dword:00000000 or 00000001

Registry Setting Descriptions
  • PassiveMode: (0/1) default is 0
    0 = normal mode
    1 = passive mode
  • PassiveModeNDSLogin: (0/1) default is 0
    0 = don't do Novell login
    1 = do Novell login
  • PassiveModeNDSLoginSilent: (0/1) default is 0
    0 = report Novell login errors
    1 = don't report Novell login errors
  • PassiveModeNDSLoginRequired: (0/1) default is 0
    0 = don't require Novell login
    1 = require Novell login
Notes:
  • If the “PassiveModeNDSLoginRequired” setting is True (1), the GINA login experience will require a successful Novell authentication in order to succeed.
  • The “PassiveModeNDSLoginSilent” setting requires functionality released in the Novell Client for Windows XP/2003 4.91 SP3
  • Login scripts are not processed in passive mode. A workaround is to run them after the GINA login. You can do this by placing a run entry in the registry, or you can create an entry in the startup folder.

    The following in a run key example:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    “nwscript=reg_expand_sz:loginw32.exe %username% /NA /CONT

4.0 NMAS Issues

4.1 Older Versions of NICI Do Not Work with the Enhanced Password Method

By default, the Client version 4.91 and later implements the Novell Universal Password, which provides robust and strong passwords. As a part of this implementation, Novell Client installs NMAS and NICI.

NMAS authentication adds additional security to the network. However, if your network does not use NMAS, login might take additional time and you might want to disable NMAS authentication on the server and not install it with the Novell Client software. Novell Client installs NICI Client 2.7 and NMAS Client 3.0 by default. If you do not want to install them during the Client installation, install using a configuration file (unattend) that specifies not to install them. For more information, see the Novell Client for Windows Installation and Administration Guide.

For more information on disabling NMAS, see Disabling NMAS on the Server in the Novell Modular Authentication Services 2.3 x Administration Guide.

For more information on deploying universal passwords, see Deploying Universal Password in the Novell Modular Authentication Services 2.3 x Administration Guide.

5.0 Other Issues

5.1 Newer NetIdentity Client Files Might Cause Conflict

Newer versions of the NetIdentity client files, such as the version shipping with the Novell Client versions 4.9, 4.9 SP1, 4.9 SP2, and 4.91, have a different architecture than the version shipping with ZENworks for Desktops 4.0.1(and updates), even though the filenames are the same.

If you try to install the NetIdentity client after installing the ZENworks Management Agent, the following error message is displayed:

This version of NetIdentity cannot be installed over Novell ZENworks for Desktops (ZfD). You must either uninstall ZfD or wait to upgrade NetIdentity with the next release of ZfD.

You cannot install an updated NetIdentity.

However, if the newer version of NetIdentity is already installed on a workstation, a subsequent installation of the ZENworks Management Agent will not detect the newer versions of the NetIdentity files, so the Agent installation program overwrites the newer files. Later, when users log in to the workstation or select the NetWare Logon from the red N in the Quick Launch bar, the workstation freezes.

In this situation, we recommend that you use the Add/Remove Programs utility (available from the Windows Control Panel) to uninstall NetIdentity and then install the ZENworks Management Agent.

5.2 Files with Extended Attributes Do Not Copy to a Linux NSS Volume via NCP

Files with extended attributes do not copy to a Linux* NSS volume using NCP™. To solve this problem, use CIFS to copy files with extended attributes to a Linux server. Or, copy files from a Netware server that has extended attributes to a FAT32 (not NTFS) drive first, and then recopy the files to a OES Linux server.

6.0 Fixes Since the Last Release

The following bugs have been fixed with this release of the Novell Client for Windows 2000/XP/2003 4.91 SP 3:

  • Auto Update not working with drive letter.
  • Remove WMNotifyRegSettings from NWSETUP.DLL.
  • Users receive1954 error when trying to install the Client through setupip.
  • Add Forgotten Password-related items to the Novell Client Properties / NCIMAN.
  • Update Agent not prevented from running in terminal session.
  • Need UI property page setting for contextless login alias search setting.
  • Expose “Grace login, force user to change password” setting in UI.
  • Expose “Search all Scopes” setting in UI.
  • Expose “Simple Unlock” setting in UI.
  • Expose “Cache Exclusive Open” setting in UI.
  • Expose “IP Cost Timeout” setting in UI.
  • Expose “Login When NWGina Not Loaded” setting in UI.
  • Denial of Service attack in srvloc.sys.
  • Unable to map to volumes containing a DNS Name.
  • Requirement to Notify Novell Client Ext DLLs during CTRL+ALT+DEL > Change Password.
  • The Novell Client doesn’t notify the password to SecureLogin extn DLL.
  • NMAS IDPlugins fail to set tree name, context, server name.
  • Novell login failure with Meetinghouse AEGIS client “Logon” authentication profile.
  • Move Change Password Message dialog box to Change Password Box.
  • Inability to capture a password change request when the Novell Client is installed.
  • NWGINA fails to retrieve terminal connection-supplied credentials via WlxQueryClientCredentials.
  • “Username:” field ends up being populated with “DOMAIN\Username.”
  • Can't change password from Ctrl+Alt+Del screen.
  • LDAP Contextless Login hard-coded to always match alias object in addition to inetOrgPerson.
  • Novell Client does not repopulate network address field on auto-reconnect.
  • When the forgotten password link is turned off, don't query for the policy.
  • Poor error message returned when Forgotten Password link is selected and Forgotten Password isn't enabled in the Password Policy for the user.
  • Credential Manager Interface not called when password changed because Windows password expired.
  • 4.91 client doesn't let you login with a password that includes French accents.
  • With Novell Client a drive is mapped root to the main home directory share, and isn't creating the user's home directory.
  • Users unable to log into workstation only when disconnected from the network and the workstation only check box has been removed.
  • NOVNPNT resolving drive letters as network host names.
  • Problems accessing Microsoft Access 2003 SP1 Databases when client file caching enabled and op-locks level 2 disabled.
  • Properties of folders through DFS junction do not display the Novell Tabs.
  • NetWare Info tab, owner variable not initialized.
  • Novell “NetWare Copy...” function history truncated in 4.91 and later.
  • Browse To menu items cannot be created or edited successfully.
  • When right clicking Windows Application shortcut it takes 30+ seconds to show options.
  • Problem with Windows kernel stack size.
  • Resolve name requests for file system data when using dirmap object.
  • NwGetProcAddress implementation can crash and/or fail to find export.
  • Viewing Trustee rights of directory in Windows Explorer does not show names correctly.
  • 4.91 SP2 folder trustee displayed is garbage when folder OWNER is not defined.
  • Novell Client is submitting the wrong EID.
  • Support DFS junctions at subdirectories.
  • Memory leak when UTF8 enabled.
  • While attempting to open access database, the Client deletes the database file.
  • Op-lock issues with Access 2003.
  • Cannot create files or directories if path exceeds 100 characters.
  • Client sends update file handle while holding a level 2 op-lock.
  • Slow printing due to resolving //NDPS0x on the wire.
  • DFS Junction Properties do not get displayed when using a mapped drive.
  • Contexless login does not work correctly with Client 4.91 20050819.
  • Slow performance when opening a file that is op-locked by another user.
  • 4.91 SP2 PKC nwfs.sys reintroduced over 4GB file size not being displayed properly.
  • Unable to specify a mapped drive letter using the Novell File Copy Utility.
  • Op-lock level one failure in 8-19-05 package.
  • ASP.NET app fails to access Novell share using system.io file objects on Windows 2003 IIS 6.
  • NDPPNT error exit paths referencing NWDPAccessorRef after already freed.

7.0 Additional Documentation

For documentation on installing and configuring Novell Client software, see the Novell Client for Windows Installation and Administration Guide.

For documentation on managing login scripts, see the Novell Login Scripts Guide.

For information on configuring and using Universal Password, see the Novell Password Management Administration Guide.

If you are using Novell Modular Authentication Services (NMAS) in your network, you should also read the NMAS readme. Because the NMAS installation has been integrated in to the Novell Client installation, issues that affect NMAS could also affect the Novell Client.

8.0 Legal Notices

Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.

Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.

Copyright © 2006 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.

Novell, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.novell.com/company/legal/patents/ and one or more additional patents or pending patent applications in the U.S. and in other countries.

For Novell trademarks, see the Novell Trademark and Service Mark list.

All third-party trademarks are the property of their respective owners.