|
Home > Archive > CNE > October 2001 > novell W/ NT
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
|
| O.k., I took this voluenteering job for a local school system (God only knows why). The network was originally built upon a NOVELL 4.11 Network (YUCK!) and they have since installed a SUN COBALT CUBE (I have no idea what OS is running on it, I assume Windows NT of some sort because the use Windows Networking Client to log into that machine). Anyway, here's the problems:
Originally, the teachers logged into the Novell network using Client32. They had a username (username was first initial+lastname, well use jguy for example) and no password (that's right, no password....). They would then in turn be on the Novell Network after pressing <o.k.> on the Client32 login screen.
Since then, they have added that cobalt box that appears to be a WindowsNT PDC or something. I changed the primary client to Windows Networking leaving the novell client too. I was told that the teachers log into the windows network using the username "teacher" and password "teacher". I do this, and they are logged in to the windows network immediately. Next, just like clock work, the novell client login screen jumps up complaining about not being able to log in using the "teacher" user id and password. If I put the original Novell username and no password, then I can log in (essentially I'm logged into the Windows network under "teacher" and novell network under "first initial+lastname w/ no password"). I thought that this setup was just fine because of the different NOSes, but the principal of the school brought this to my attention:
The office people log into the windows network using the user id of "office" and password of "office". They have client 32 and windows networking client installed in the network properties, but only the windows login screen promps the user. Novell is done automatically. They can access both the novell server and the windows server. I thought to myself, "hmmmm. must be a script or something with the user "office" that isn't applied to the user "teacher" yet, but I was wrong. I logged in to that same station as "teacher" the same way and had the same access. O.k., now I'm really confused. How does this machine allow only one login for both servers? (in my past, I have done this with Netware Client Services on NT).
I was reading on the net last night that you can set a registry key to allow a defaut username and password for novell and kill the prompt, but I lost the information. Ahhhh, the wonders of Cross-Platformal Computing!!! Could someone please give me your thoughts on this??!?!?!
The guys at the school probably think that I don't know what I'm doing, but heck, I've been doing networking for almost 7 years now!!!! Let me know what you guys think!!! | |
| ccieToBe 2001-10-05, 1:32 pm |
| I would switch everyone over to just one of the logins (M$ or Novell). You really need to find out exactly what's running on the cube to setup one login for both OSs. It wouldn't suprised me if that cobalt cube is running Linux with Samba since most cobalt equipment (or at least what I've seen) seems to run Linux. | |
|
| Yes, that's true, but what about accessing both file servers????? (again, the BOE (board of education) will not allow me admin access to the Cobalt Cube). Is there anything that I can do down at the workstation level?? | |
| ccieToBe 2001-10-05, 4:54 pm |
| I've never done anything like that before on the workstation level, so I couldn't tell you much more then what you've already posted. Hopefully one of the regulars will have some ideas. | |
| chunder 2001-10-05, 5:50 pm |
| why can't there be a user account on the Cobalt box (regarless of NOS) that is the same as what they are logging into NDS as? seems like a no brainer to me that they would do that. if the Sun box is running WinNT/2000, checkout NetVision.com's Synchronicity. it also seems that they are in a "HIGHLY SECURE" environment. 
i assume you're using Win9x on the WS(otherwise we wouldn't see this behavior with the different clients).
ok.. anyway. i don't know how to make a machine auto-login to NDS but i do have a registry key that will put the username in the client for you and make it so the client will ALWAYS be set to that name... but then maybe because they aren't using passwords at the Novell Client then it will automatically fly through. but i believe the M$ client passes it's information to the Novell Client... at least the Novell Client would do that to the M$ client was it set as the first client to use...
here:
___________________________
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\N
ovell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\Default]
"UserName"="jguy"
"Save On Exit"=dword:00000000
"Tab"="Credentials"
[HKEY_LOCAL_MACHINE\Software\N
ovell\Location Profiles\Services\{1E6CEEA1-FB73-11CF-BD76-00001B27DA23}\Default\Tab1]
"Tab"="NDS"
"Server"="ServerName"
"Clear Connections"=dword:00000001
"Context"="OUname.OUname.Oname"
"Tree"="TreeName"
______________________________
copy all the text BETWEEN the ____ and paste it into a new notepad text doc and name it whatever.reg. you will need to edit this file for each workstation with the proper username and context information FOR THE USER WHO USES THAT WORKSTATION... your tree and servers are most likely going to be the same accross the board.
replace the bolded information with the appropriate data. the save on exit of all 0s tells the client to not remember who last logged in or to remember who you have explicitly set it as (for example, you could leave it blank so there's no name in it ever.) make the last 0 a 1 and it WILL keep the previous user's name there.
let's hear if that does a damn thing fer ya.
disclaimer: i'm not responsible for you dinking with your registry... in otherwords, proceed at your own risk. (but it's really easy to reverse this reg hack). | |
|
| Cool dude!!! Thanks for the reg hack. I'm going to try that since they will not give me rights to the cobalt server. I read that this could be done somewhere, but I didn't save the page (like a dork!). So, thanks!! I'll let you know how it turns out!!
Joe | |
| chunder 2001-10-09, 6:51 pm |
| i honestly don't think it's really going to work... the MS client should be passing it's supplied credentials over to the Novell Client.
this document goes over some tricks for using the autologin feature that's built into NT/2000. i don't know if you wade through your registry on your w9x machines if you'd see anything... (i'd look some for you but don't have a 98 machine nearby).
however! this may be a little more to the point for you! http://support.novell.com/cgi-bin/s...gi?/2906462.htm
wooo hoo! i think i'm on a roll!
http://support.novell.com/cgi-bin/s...i?/10061650.htm
now i want to try this stuff!
let me know what you find! | |
| kchristian 2001-10-09, 9:01 pm |
| Novell has a Single Sign-on that may work. I am not sure the it would work with the cobalt or not.
If it is NT, NT will retain the ID/password (if the accounts on both sides have the same ID/Password). Also, you must login correctly one time for it to keep it. This is using the Novell Client not the MS Novell client.
If you use this, one thing to remember, if they change novell password then your out of sync.
I have used this with 95/98 logining into novell server and NT domain for exchange services and it works, but again, the passwords can be a headache for the admin if they are not taught how to change them both at the same time. | |
| chunder 2001-10-09, 10:53 pm |
| quote:
Originally posted by kchristian
Novell has a Single Sign-on that may work. I am not sure the it would work with the cobalt or not.
If it is NT, NT will retain the ID/password (if the accounts on both sides have the same ID/Password). Also, you must login correctly one time for it to keep it. This is using the Novell Client not the MS Novell client.
If you use this, one thing to remember, if they change novell password then your out of sync.
I have used this with 95/98 logining into novell server and NT domain for exchange services and it works, but again, the passwords can be a headache for the admin if they are not taught how to change them both at the same time.
hey K. tell me more about single sign-on. i've never taken the time to look into it but it may be beneficial in my environment. we currently log into NDS and to a 2000 AD domain. we keep passwords in sync (and create users in both directories) with NetVision's Synchronicity so we really don't have the password-outta-sync issue of which you speak and have had in pre-Synchronicity. | |
| kchristian 2001-10-10, 10:04 pm |
| chunder
I am in the same boat with you, not really used in to be a whiz but here is a link that will help with details that I might leave out.
http://www.novell.com/products/sso/productinfo.html
The one I dealt with the most (lightly) was PassGo and can't remember the maker.
I'll rack my brain and info and see what I can come up with for you. |
|
|
|
|