If the user's password expires, they will be forced by Novell to change their password immediately after a successful Novell login.
The SafeBoot client does not register the password change, even after a forced synchronization. The next time the user reboots, they will be forced to authenticate using their EXPIRED password at the SafeBoot screen, then they will be dumped at a password failure Novell screen to manually enter their NEW password.
SafeBoot will then pick up on the password change.
Can anybody else replicate this issue using the Novell, Windows or SafeBoot Gina?
That's expected behavior as far as I've seen. SafeBoot SSO credentials are not tied directly to the password token, they're just additional information stored attached to the user's SB account. Even if you can fix your configuration so it updates the SB password on a Novell password change the SSO details will be incorrect at your next Novell login.
Does anyone have any ideas for a workaround? I would like to keep the login process as transparent as possible for 5000 end users!
Current Problem: User Password expires & is changed SafeBoot does not recognize the changes User reboots User enters old password at SafeBoot Screen User enters new password at Novell Screen SafeBoot replicates password change
A genius coworker located the problem yesterday. Installation of the SafeBoot Admin Console on an encrypted machine breaks the SafeBoot windows client's ability to detect password changes. Admin console installation changes the default safeboot path from "c:\program files\safeboot" to "c:\program files\safeboot remote console" in registry location:
Ah! - It's not so much installing the admin console, it's because you're using the unsupported MiniAdmin script in silent install mode (using the client installer module). If you used it in non-silent mode it uses the admin system install module.
Really, the only officially supported way of installing the admin system is to actually INSTALL the product from the official distribution. Miniadmin is a hack, and though useful, can cause this kind of malarkey.