Hi all,
We are experiencing a problem with the PASSWORDACCESS=GENERATE and NODENAME
options
on Novell and Win/NT clients.
What we expect to see is that the system prompts for a password the first
time a new node contacts the host.
Then, this password is encrypted and stored on the client, for use on
subsequent sessions initiated from this
node. According to the ADSM documentation, when the password expires, a
new one is generated, and it is
saved as the encrypted password on the client. However, the documentation
also states that by including
the NODENAME option, the PASSWORDACCESS=GENERATE option is basically
ignored, and the system
will always prompt for a password.
Our situation is:
Our local Win/NT - Novell guru states that we MUST use the NODENAME
parameter on these clients.
According to him, if he removes the NODENAME option, he gets prompted to
enter the nodename EVERY
time he initiates a session with the server.
If we include the NODENAME option, we see that on the first session, the
system prompts for a password and
all subsequent sessions use this encrypted password until the password
expires. Once this password expires,
the system prompts for a password on EVERY session initiated thereafter.
Obviously we don't know this password since it was generated by the system.
It appears as though the system is not
generating this password, or for whatever reason, the client is not saving
it. This happens whether we let the password
expire, or force a password reset.
As you might have guessed, I'm no Win/NT-Novell expert. I do know that on
all of our UNIX clients (HP, SUN, AIX), we
have no problem with PASSWORDACCESS=GENERATE, and we are not forced to use
the NODENAME option.
Our environment:
ADSM Server 3.1.2.0 - RS/6000 w/ AIX 4.2.1.0
Win/NT client - Win/NT 4.0, ADSM 3.1.0.3
Win/NT dsm.opt:
TAPEPROMPT NO
COMMmethod TCPIP
SLOWINCR NO
LARGECOMMBUFFER NO
COMPression Off
SUBDir ON
QUIET
SCHEDLOGname C:\WIN32APP\IBM\ADSM\BACLIENT\DSMSCHED.LOG
SCHEDLOGRetention 10
ERRORLOGRetention 10
PASSWORDACCESS GENERATE
NODEname XXXXXXXX
TCPServeraddress ###.###.###.###
LANGUAGE AMENG
Novel client - Netware 4.11, ADSM 3.1.0.3
Novell Netware dsm.opt
COMMMETHOD TCPip
TCPSERVERADDRESS ###.###.###.###
TCPPORT 1500
NODENAME SLBKUP03
NWPWFILE Y
PASSWORDACCESS GENERATE
SUBD YES
COMPression OFF
DOMain ALL-LOCAL
DOMain DIRECTORY
QUERYSCHedperiod 12
QUIET
MEMORYEFFICIENT YES
TXNBYTELIMIT 2000
TAPEPrompt NO
SCHEDLOGname SYS:/ADSM/DSMSCHED.LOG
ERRORLOGname SYS:/ADSM/DSMERROR.LOG
SCHEDLOGRetention 10
ERRORLOGRetention 10
Any suggestions or insight is appreciated
Regards,
Dennis Haas
IBM Global Services
St. Louis, Mo
|