Client for Open Enterprise Server Readme

1.0 Naming Conventions

Client for Open Enterprise Server refers to the version of the Client for Windows 7, Windows 8, Windows 10, Windows Server 2008 R2, and Windows Server 2012.

Client for Open Enterprise Server refers to the support pack release of the Client Windows 7, Windows 8, Windows 10, Windows Server 2008 R2, and Windows Server 2012 product.

2.0 What’s New in Client for Open Enterprise Server

The following changes are included:

2.1 Client Updated With SHA-2 Certificates

Client for Open Enterprise Sever 2 SP4 (IR3) is signed using a new Micro Focus SHA-2 certificate, due to Windows’ deprecation of SHA-1 certificates.

For successful installation of Client on Windows 7 and Windows Server 2008 R2, ensure to install the Microsoft Security Update KB3033929 to add support for SHA-2 certification.

2.2 Rebranding Changes

Novell is now part of Micro Focus. Products across the portfolio are now being rebranded to reflect Micro Focus or a more appropriate name. This corporate change impacts the name of products and components, user interfaces, logos, and so on. As a result of this corporate change, the new name for Novell Client is Client for Open Enterprise Server.

The documentation update to reflect these changes (such as names and screenshots) is being done in a phased manner.Until all the guides in the documentation library are modified, Novell Client and Client for Open Enterprise Server are used interchangeably.

The screenshot provides an overview of the change to the user interfaces, logos, and so on. However, all the client functionality remains the same.

Figure 1 Overview of Client for Open Enterprise Server

For more information, see Rebranding Changes in the Client for Open Enterprise Server Administration Guide.

3.0 Installation

3.1 Supported Windows Platforms

The Client for Open Enterprise Server is supported on the following platforms:

  • Windows 10 (x86 or x64)

    (Enterprise Edition, Education Edition, or Professional Edition)

  • Windows 8.1

  • Windows Server 2012 R2

  • Windows 8 (x86 or x64) excluding Windows 8 RT

  • Windows Server 2012 (x64)

  • Windows Server 2008 R2 SP1 (x64)

  • Windows Server 2008 R2 (x64)

  • Windows 7 SP1 (x86 or x64)

  • Windows 7 (x86 or x64)

    (Ultimate Edition, Enterprise Edition, or Professional Edition)

    The Novell Client for Windows is also supported in Remote Desktop Services and Desktop Virtualization environments.


  • Ensure Windows 7 and Windows Server 2008 R2 are installed with Microsoft security update KB3033929 to add support for SHA-2 certification.

  • The Client for Open Enterprise Server might run but is not supported on Windows Starter, Home Basic, and Home Premium editions.

3.2 Supported Server Platforms

The Client for Open Enterprise Server supports Open Enterprise Server (OES) 2015, OES 11 SP2, OES 11 SP1, OES 11, OES 2, and NetWare 6.5.

On Windows Server platforms, the Client for Open Enterprise Server might run but is not supported on Datacenter Edition, Web Server Edition, or on Server Core installations using any edition.

3.3 Installing the Client for Open Enterprise Server

To install the Client, run the setup.exe file located in the C:\Micro Focus\Client for Open Enterprise Server 2 SP4 (IR3) directory.

3.4 Uninstalling a Later Version of Client for Open Enterprise Server to Reinstall a Previous Client Version

The NMAS client installed with Client for Open Enterprise Server includes NICI as a required dependency. Uninstalling the Client automatically uninstalls the NMAS client, but intentionally does not uninstall NICI because other applications on the workstation besides NMAS or the Client may still be using NICI services.

If you uninstall the Client for Open Enterprise Server with the intention of installing a previous version of the Client, it is recommended that you also uninstall NICI (and NICI for Windows x64, if running Windows x64) before re-installing the previous Client.

Attempting to install the initial an earlier Client without first removing NICI can result in one or more of the following issues:

  • During installation of the Client on Windows 7 x64, the NMAS Challenge/Response method will report a 1603 error. This is because the NMAS client included in the initial release cannot resolve its required dependencies using the newer version of NICI still present on the machine.

  • When starting up, the Windows welcome screen on Windows x64 displays an error, such as The procedure entry point CCSX_Authenticate could not be located in the dynamic link library ccswx64.dll.

  • The NICI installer of the older NICI version can damage the existing newer NICI installation. For example, attempting to install NICI 2.7.3 when NICI 2.7.4 is already present, or attempting to install NICI 2.7.4 when NICI 2.7.6 is already present. Subsequent attempts to use NICI can report -1471 0xFFFFFA41 NICI_E_SELF_VERIFICATION errors due to the damaged NICI installation.

  • The Client for Open Enterprise Server contains NICI 2.77.3, and the Novell Client 2 SP2 and earlier versions contain NICI 2.76. If you are intending to uninstall NICI 2.77 or later and re-install NICI 2.76, an additional step is necessary. The Novell NICI installer intentionally leaves behind certain NICI files, including CCSW32.DLL and CCSWX64.DLL. Due to an issue in the NICI 2.76 for Windows x64 installer, re-installing NICI 2.76 on Windows x64 is unable to overwrite the CCSWX64.DLL file left behind by the NICI 2.77 or later installers.

    To uninstall a later version of NICI and re-install NICI 2.76 on Windows x64, in addition to uninstalling the NICI product, you will need to rename or delete the CCSWX64.DLL from the Windows SYSTEM32 directory.

    IMPORTANT:If you omit this step, NICI 2.76 will still appear to install correctly, but attempting to login to eDirectory using NMAS will fail with a NICI-specific NICI_E_SELF_VERIFICATION (-1471) error. When this issue happens, or before this issue happens, rename or delete the CCSWX64.DLL in the Windows SYSTEM32 directory and then run the Novell Client 2 SP2 or earlier installation again to re-install NICI 2.76 successfully.

If you fail to follow these guidelines, features that require NMAS will not function, due to one or all of the above conditions.

These guidelines and issues also apply to installing the Client on a Windows Server 2012 machine where eDirectory 8.8 SP5 or later has already been installed. eDirectory on Windows Server 2008 includes NICI 2.7.6 or later, and installing previous versions of the Client which include NICI 2.7.4 or earlier can cause the NICI installation to become damaged.

3.5 The Total Path to the Installation Set Must Not Exceed 214 Characters.

The path to any and all files within a Client for Open Enterprise Server installation set must not exceed 256 characters.

Currently this means the directory path into which you extract the installation set must not exceed 214 characters. This limit is relative to the traditional MAX_PATH or 256-character limit in Windows applications, but also takes into account additional path space that is needed for running the installation.

If the installation set is being accessed from a remote network location, for example \\servername\volumename, the length of the network server and volume name also counts against the maximum depth, due to underlying processing that makes use of the real path to the installation set. Even if a mapped drive letter and/or the map root feature is used for accessing the installation set, the limit is measured as if a UNC path had been used.

4.0 Compatibility with Windows 10 Secure Boot

The Client for Open Enterprise Server 2 SP4 (IR4) and later provides enhanced compatibility with Windows 10 and the UEFI Secure Boot feature. On the Windows 10 July 2016 (build 10493) and later releases, and also on Windows 10 July 2015 (build 10240, before any Windows updates are applied), if the Client for Open Enterprise Server is running on a Windows machine where UEFI Secure Boot is enabled, then the machine fails to boot and instead launches Automatic Repair mode. To avoid this issue, install the Client for Open Enterprise Server 2 SP4 (IR4) on any Windows 10 machine where Secure Boot is enabled, rather than installing any previous version of the Client.

If you have already encountered this issue and your Windows 10 machine is booting into Automatic Repair mode, or if you must continue to use an earlier version of the Client for Open Enterprise Server but still need to avoid this issue, refer to the TID 7017838 to resolve the problem.

5.0 Known Issues

5.1 Windows 7 and Windows Server 2008 R2 Displays the Verification Prompt Even if Trusted Software Is Selected

During installations or upgrades of Client for Open Enterprise Server the Microsoft Verification prompt is displayed even if “Always trust software from Micro Focus” is selected or the certificate is installed as a “Trusted Publisher”.

To resolve this issue, apply the Microsoft HotFix KB2921916 in addition to selecting the “Always trust software from Micro Focus” checkbox or pre-installing the Micro Focus SHA-2 certificate as a “Trusted Publisher”.

5.2 The 8.3 File Name Support is Unavailable with the Lazy Close Feature

If the Lazy Close feature is set to "ON", the 8.3 (short file name/DOS name) file name support will be unavailable for Client for Open Enterprise Server. For example, a Dir /x command will display blank characters instead of the DOS/short file names and will display only the long names for the files in a mapped drive. Also, 16-bit applications will not be able to retrieve the 8.3 file names for the files.

5.3 “Login with Third-Party Credential Provider” Feature Not Supported When Microsoft Windows Live ID is Used

"Login with Third-Party Credential Provider" feature is currently not supported when a user tries to login using Microsoft Windows Live ID and Password. Novell plans to fix this in the future release of Novell Client. Also note that "Login with Non-Novell Credential Provider" feature works when PIN-based or Picture Based Login is enabled for the same Microsoft Windows Live ID.

5.4 Novell Products Not Supported with the Client for Open Enterprise Server

The NetWare Administrator utility (nwadmn32.exe) and ConsoleOne are not supported on Windows or with the Novell Client for Windows, except where explicitly declared by the ConsoleOne release notes.

5.5 Welcome Screen Issues

One-time Failure to Remember Last Logged-on User When Upgrading to Client for Open Enterprise Server

After installing Client for Open Enterprise Server on a machine which was previously using Novell Client 2 SP1 or earlier, during the next boot-up the “Username” field will come up blank rather than defaulting to the previous “last logged-on user” info. Once a new login has been performed using the Client for Open Enterprise Server, future logouts and/or reboots will correctly show the last logged-on user info again. Note that the Client login profile information (the eDirectory tree name, context, and so on.) has not been lost; only a one-time inability to display the last logged-on username.

This issue is not observed when you upgrade to Client for Open Enterprise Server from Novell Client 2 SP3 or SP2.

After Installing the Client, Local User Tiles Are No Longer Visible During Login

If you install the Client on a machine with multiple local users, after rebooting, you are asked to log in to the Client. At this point, there are only two available tiles: one for the local administrator user, and one for the Client for Open Enterprise Server. You will no longer see the individual tiles for the local users.

This is working as designed. The Client for Open Enterprise Server follows Microsoft’s recommendations to filter out the local user accounts after installing the Client. If you install the workstation into a Microsoft Domain, the local user tiles are also filtered out, and the Client follows this behavior.

Welcome Screen Cancel Button

When logging in to eDirectory via the Windows welcome screen, the Cancel button that is displayed is not active and therefore cannot be clicked.

Fast User Switching/Connecting via Remote Desktop Connection

When logging in to a Windows workstation using the Client for OES, OES connections made during the login will persist only if the Windows account you specify is not currently logged on to the workstation. If the Windows account specified is already logged in, Windows will reconnect you to that existing session when you log back in to the workstation, regardless of what eDirectory credentials might have been supplied, or whether they're the same as the eDirectory credentials already in use for that running session (if any).

This applies to both Fast User Switching and connecting via Remote Desktop Connection.

5.6 Authenticating to a OES Server Through a UNC Path

If you log in to a OES server using a UNC path in Windows Explorer and specify more than just the server and volume, the Windows Explorer window will appear in the foreground and the Results page will appear in the background.

If you specify only the server and volume, authenticating with a UNC path works correctly.

5.7 Using Ctrl+Alt+Del to Change Your Password

If you are currently authenticated to eDirectory, after entering your old password and new password, you will see a Change Password dialog box after clicking the Submit button. From the Change Password dialog box, you can choose which resources you want the password change to go to.

If you are not currently authenticated to eDirectory, the password change will only be performed for your Windows account.

5.8 Mapped Drive Icon Doesn’t Update on Re-Authentication

When you detach from a mapped Network drive, the mapped drive icon displayed in Windows Explorer changes to a red X to indicate that the mapped drive is no longer accessible. If you use the Client Tray icon to re-authenticate to the eDirectory tree (and you selected the Check to always map this drive letter when you start Windows option when you originally mapped the drive), the mapped drive icon does not update to show that the drive is accessible again.

5.9 LDAP Contextless Login Differences in the Client for Open Enterprise Server

The LDAP Contextless Login feature in the Client includes the following limitations for those familiar with the Novell Client 4.x for Windows XP/2003.

  • When invoking Show Advanced Options from the Client for Open Enterprise Server welcome screen (the login dialog seen at boot time and when logging out of Windows Vista), the LDAP Contextless Login lookup cannot be triggered when viewing the eDirectory tab. If LDAP Contextless Login is enabled, a lookup is performed after the user attempts to log in to eDirectory from the welcome screen.

    This is different from the LDAP Contextless Login behavior when running LOGINW32.EXE or selecting the OES Login option from the Client tray application on the desktop. In those instances, you can see the effect of the LDAP Contextless Login lookup prior to actually proceeding with the eDirectory login.

  • The options to search eDirectory using information other than a complete username (for example partial usernames using wildcards, or alternate attributes such as phone number or e-mail address) have been disabled in the Client for Open Enterprise Server. Only complete usernames can be used for LDAP Contextless Login.

5.10 Login Profiles

Using DHCP in Login Profiles

If <DHCP> is chosen as an option in a login profile for Tree, Context, or Server, it cannot be removed by simply editing the field when logging in or by saving the profile on successful login. Any values entered in these fields during login will not be saved when <DHCP> is enabled for that field. This is working as designed.

Disabling the Login Profile List

If you set the Login Profile List option (available on the Advanced Login tab in the Client Properties dialog box) to Off (meaning that the Login Profile drop-down list will not be displayed on the Client Login dialog box), your next login will automatically use the last profile you logged in with.

If you want to use the default profile when the Login Profile List option is turned off, make sure that you log in using the default before you turn the option off.

5.11 Using the Force Grace Login Password Change Option

If you set the Force Grace Login Password Change option (available on the Advanced Login tab in the Client Properties dialog box) to On (it is Off by default), the OES Login will require a password change on the next-to-last grace login instead of the last grace login.

To work around this issue, use one of the following options:

  • Avoid this setting. Users are prompted to change the password on every grace login, but on the last one they have the option of canceling out and potentially getting locked out if they log out one more time without changing the password.

  • Add one to the number of grace logins. The message will tell users that they have four, three, then two grace logins, and then they will be required to change the password.

  • Suggest that users change their password while they still have two or more grace logins.

5.12 File Caching Settings Ignored

The Client for Open Enterprise Server ignores the SET CLIENT FILE CACHING ENABLED parameter on NetWare servers. Caching is on by default. Setting the parameter to on or off has no effect on the Client behavior. This set parameter does still affect the NCP server’s behavior with regard to granting level 1 oplocks when requested.

To disable caching for a client, do the following:

  1. Right-click the Client Tray icon in the System Tray.

  2. Click Client Properties.

  3. Select the Advanced Settings tab.

  4. Select File Caching and set it to off.

For information on File Caching, see “Advanced Settings” in the administration guide for the client.

5.13 Exceeding Disk Quota Is Reported As Out Of Disk Space Error

When a user or directory quota has been exceeded, the expected error condition will reflect only out of disk space, in whatever manner the application chooses to report this error condition. The error status will not differentiate between the disk is out of total physical space and the current user or directory quota has been exceeded.

5.14 Login Script Execution Starts Before User’s Desktop

When logging in to both eDirectory and Windows through the credential provider of the Client for Open Enterprise Server, the processing of login scripts stored in eDirectory now starts at the same time other login scripts are processed, such as the Windows user login script. This means that eDirectory login script execution will start (but not necessarily finish) before the user's Desktop is built.

In addition, existing Windows policies such as Run logon scripts synchronously now apply to how the Client logon script execution will be handled. This appears to be the default behavior in Windows Server with Terminal Services, but the policy may need to be explicitly set in other Windows configurations.

If you require that logon script processing must finish before the user's desktop is built, you can enable this Windows policy in the Group Policy Editor (GPEDIT.MSC) under Computer Configuration > Administrative Templates > System > Scripts > Run logon scripts synchronously. Note the same policy is also available as a User Configuration policy.

5.15 Roaming User Profile Paths Saved On Non-Windows Servers

In Windows 2000 SP4 and Windows XP SP1 and later, by default Windows will require that the roaming profile directory successfully pass a test for specific Windows-based permissions. This test fails against OES Network paths since permissions are based on eDirectory permissions instead of Windows permissions, and can fail against Windows- or other non-Windows-based servers as well.

Windows defines a Do not check for user ownership of Roaming Profile Folders policy CompatibleRUPSecurity) to allow opting out of this security check where necessary. Enabling this policy is required to successfully store roaming profiles on a OES server or other Windows or non-Windows server where the security check cannot succeed.

In the Novell Client for Windows XP/2003, installation of the Client automatically enabled the CompatibleRUPSecurity policy by default, regardless of whether it was known that user profiles were being saved to OES Network paths. Administrators who did want to allow the new Microsoft security test to be performed had to override and disable the policy.

Installation of the Client on Windows Vista and later does not enable the CompatibleRUPSecurity policy by default. Administrators must enable this policy if they intend to store roaming profiles on OES or non-OES servers that will fail the Microsoft security check.

NOTE:In addition to being able to push this policy setting out with normal Novell ZENworks or Microsoft Group Policy methods, the Client also provides a parameter Allow Roaming User Profile Paths to non-Windows servers in Client Properties. This parameter can be set during installation through use of a Client Properties File (NCPF), for example UNATTEND.TXT.

5.16 Windows Program Compatibility Assistant May Be Invoked After Successfully Running NCIMAN.EXE on Windows 7, 8, 10 or Windows Server 2012

After running the Client Installation Manager (NCIMAN.EXE) application on Windows 7, 8, 10, or Windows Server 2012, Windows may prompt with the Program Compatibility Assistant as though NCIMAN.EXE was an installation program that may not have completed successfully.

NCIMAN.EXE is not actually a program that attempts to install or uninstall any part of Client for Open Enterprise Server software, and is just a tool for creating and editing Client Property Files (NCPF), such as an UNATTEND.TXT file.

This warning can be ignored by simply selecting the This program installed correctly link offered by the Windows Program Compatibility Assistant.

5.17 TSClientAutoAdminLogon May Not Use The Profile Specified In DefaultLoginProfile

As part of establishing a TSClientAutoAdminLogon policy, it is required to create a DefaultLoginProfile value to specify which Client login profile should be used for the eDirectory portion of the login.

For Windows Server configurations where only a single Client login profile exists anyway (for example, Default), there is no issue and the single profile will be successfully used. But it has been observed that when more than one login profile is defined, it is possible for the TSClientAutoAdminLogon attempt to use the last-used Client login profile for a user instead of the login profile explicitly specified in the DefaultLoginProfile configuration.

This represents an unintentional behavior, and is being examined for future versions of the Client for Open Enterprise Server. The workaround if this issue is encountered is to define and use just a single Client login profile, at least on Windows Server machines on which Terminal Services and TSClientAutoAdminLogon are expected to be used.

5.18 A Kernel-Mode Bugcheck May Occur If eDirectory Connections Are Cleared While A File Copy Operation Is In Progress

If a file copy operation is in progress with many and/or large files and the user attempts to either clear their eDirectory connections or change whom they are logged into eDirectory as while the file copy operation is still in progress, it has been observed that instead of the expected file access failure it is possible for the workstation to report a blue screen or kernel-mode bugcheck.

This issue is being examined for future versions of the Client. The workaround is to recommend that users not attempt to clear their existing eDirectory login or NCP connections out from under a file copy operation that is in progress.

5.19 Running PUTTY.EXE From A OES Network Path May Cause Workstation Hang

Running PUTTY.EXE from a OES Network path can sometimes cause the workstation to become non-responsive. Analysis has shown that the OES server appears to become non-responsive to the workstation right at the time SSH-specific communication is attempted by PUTTY.EXE.

This issue is being examined for future versions of the Client and/or the OES servers.

5.20 Login From Windows Welcome Screen May Not Use Windows Username From Client Login Profile

In cases where the Client credential provider used by the Windows welcome screen login is switched between Computer Only Logon mode and Network Logon mode prior to performing a Network Logon login attempt, the Windows account name used during the login attempt might be whatever Windows account name was specified in the Username field while the credential provider was in Computer Only Logon mode, instead of the correct Windows account name saved and retrieved from the Windows tab of the effective Client login profile.

This represents an unintentional behavior, and is being examined for future versions of the Client. The workaround is to avoid the switch between Computer Only Logon mode and Network Logon mode when possible. And when the issue does occur, provide the correct Windows account credentials in the Windows logon fields that appear after the attempt to use the incorrect Windows account name.

5.21 Failures Installing, Uninstalling, and Using the Client for Open Enterprise Server if iPrint is Installed Before the Client

The Novell iPrint 5.32 and iPrint 5.30 clients contain an issue in which incorrect security is established on the [HKEY_LOCAL_MACHINE\Software\Novell] registry key, if and when the Novell iPrint client was the first installed software that needed to create this registry key. This registry security issue is addressed in the Novell iPrint 5.35 client and later.

If the Novell iPrint 5.32 or iPrint 5.30 client is installed prior to the Client for Open Enterprise Server, the security that is established on the [HKEY_LOCAL_MACHINE\Software\Novell] registry key causes incorrect security to be propagated to the Client's own registry sub-keys. In addition, the incorrect registry security can cause the Novell NMAS Challenge Response Method installation to fail with Error 1603, due to incorrect registry security which was propagated to the Novell NMAS Client's registry sub-keys.

The Novell Client 2 SP1 (IR1) contained some mitigation for this issue that could clean-up the incorrect registry security established by Novell iPrint and proceed with a successful Client installation if the Client for Open Enterprise Server or earlier Client installation had not already been attempted and failed after installing the Novell iPrint client. If a failed Client installation had already been attempted after installing the Novell iPrint client first, the Novell Client 2 SP1 (IR1) installation will still fail due to the improper registry security which has already been established.

The Novell Client 2 SP1 (IR2) contains further mitigation which will actually clean up the registry security issue created by the Novell iPrint client, and furthermore will clean up the incorrect security which may have already been propagated to the Client registry sub-keys and the Novell NMAS Client sub-keys. So on a machine where the Novell iPrint 5.32 or iPrint 5.30 client was installed prior to the Client for Open Enterprise Server, but a Client installation has already subsequently failed, the primary corrective action to perform is to install Novell Client 2 SP1 (IR2) on top of the previously failed Client installation.

There is however one scenario under which even the Novell Client 2 SP1 (IR2) fix will be unable to detect and clean-up registry security problems which still exist due to the Novell iPrint client installation. This problem scenario occurs specifically when all of the following conditions are met:

  • Novell iPrint 5.32 or iPrint 5.32 was installed before the first Client installation.

  • Novell Client 2 SP1 or earlier was installed without NMAS, and with or without NICI.

  • Same machine was then upgraded to Novell Client 2 SP1 (IR1); installed with or without NMAS, and with or without NICI.

  • Same machine was then upgraded to Novell Client 2 SP1 (IR2); installed with or without NMAS, and with or without NICI.

In this specific sequence where the initial failed Client installation was performed after explicitly deselecting Novell NMAS from being installed with the Client, the subsequent mitigations for the Novell iPrint security issue performed by the Novell Client 2 SP1 (IR1) and Novell Client 2 SP1 (IR2) installations are unable to detect or correct that further clean-up of the Novell iPrint registry security permissions is still necessary.

The symptoms that occur when a machine is still in this broken state include a crash that occurs whenever the Client login dialog would have been presented. For example, when attempting to invoke the “Show Advanced Options” link on the Windows welcome screen, the Windows LogonUI.exe process can crash. When trying to invoke “OES Login” from the client tray menu in the Windows taskbar notification area (systray), the Client NWTRAY.EXE process can crash.

Unfortunately the incorrect permissions established on the registry by Novell iPrint client will also prevent successful un-installation from being performed after the machine is already in this state. This remaining scenario where the Novell iPrint registry permissions are not successfully cleaned up is being examined for additional mitigation in future versions of the Client.

5.22 eDirectory AutoAdminLogon Requires Windows AutoAdminLogon

Establishing an eDirectory AutoAdminLogon configuration requires that a Windows AutoAdminLogon configuration is also established. Meaning at minimum an automatic Windows account logon will occur if only a Windows AutoAdminLogon is configured; or both an eDirectory account logon and a Windows account logon will occur if both eDirectory AutoAdminLogon and Windows AutoAdminLogon are configured. Any workstation where only an eDirectory AutoAdminLogon is configured will now have the AutoAdminLogon configuration ignored, instead of experiencing undefined results.

For more information on configuring a Windows AutoAdminLogon policy or both an eDirectory AutoAdminLogon and Windows AutoAdminLogon policy, see Section Enabling AutoAdminLogon of the Client for Open Enterprise Server Administration Guide.

5.23 Client for Open Enterprise Server 802.1x Authentication Not Supported with Microsoft Server 2008 R2-based RADIUS Server

The Client 802.1x Authentication integration does not succeed when Microsoft Server 2008 R2- based RADIUS service is being used for 802.1x authentication.

For more information, see TID 7007679 or bug 631640.

5.24 Windows Logon or Lock Screen Displayed Behind the Novell Clients' Show Advanced Options Dialog

With the Client installed in Windows 8, if you enter the “Show Advanced Options" dialog, or if you proceed with a login attempt when the login profile is not yet populated such that Client forces you to see and populate the "Show Advanced Options" link, delaying any further input at this point will cause the Windows lock screen to be displayed behind the "Show Advanced Options" dialog.

In some cases the lock screen will display after 60 seconds and then dismiss itself after another 60 seconds. This will happen in a continuous sequence without any user intervention. Micro Focus/OES plans to fix this issue in a future Client release.

5.25 Issues in Installing Novell Client 2 SP4 for Windows (IR1) on Windows 10

If Novell Client 2 SP4 for Windows (IR1) does not work on Windows 10, ensure that you have latest Windows 10.

5.26 Issues in Novell Client 2 SP4 for Windows (IR1) When Windows 7 or 8.1 is Upgraded to Latest Windows 10

If you install the Novell Client 2 SP4 for Windows (IR1) on Windows 7 or 8.1 and then upgrade the Windows to latest Windows 10, the already installed Novell Client 2 SP4 for Windows (IR1) might not work properly. To avoid this issue, ensure that the Novell Client 2 SP4 for Windows (IR1) is newly installed on Windows 10.

This issue is being examined and will be fixed for future versions of the Client.

6.0 Unsupported Functionality

6.1 Mapping RDN Paths

Relative distinguished name paths are not supported for mapping network drives. For example \\tree\server_volume.context. (note the trailing period) is not supported whereas \\tree\server_volume.context (no trailing period) is.

7.0 Fixes Since the Last Release

  • Re-branded Novell Client for Windows by Novell to Client for Open Enterprise Server by Microfocus. (Bug 972327)

  • Sending a broadcast message to multiple users might crash when displaying the results. (Bug 918222)

  • Using an equal "=" sign or other delimiters in the user name field could cause login to fail. (Bug 905616)

  • Unused portions of the application's read buffer could still be written to when reading less than 64KB. (Bug 956734)

  • Directory space restriction drop-down selection of KB/MB/GB/TB is not visible in Windows 10. (Bug 977217)

  • On 64-bit versions of Windows, 64-bit NICI is installed by default even if not selected for installation. (Bug 979875)

  • On 64-bit versions of Windows, a 32-bit application accessing a DFS-involved path or eDirectory-based UNC can display a blue screen. (Bug 960769)

  • When other products wrap the Credential Provider (such as ZENworks FDE), the "Novell Logon" option is shown even when set to "Off". (Bug 963238)

  • Possible deadlock when handling an NCP oplock break notification while an application operation for the same file is in progress. (Bug 968514)

  • "Sharing violation" and "insufficient rights" conditions were not handled in File Delete and File Caching scenarios. (Bug 966923)

  • Error messages could be shown when changing the password failed due to complexity requirements. (Bug 968494)

  • The login profile field and drop-down list can be empty after applying the Windows 10 KB3147458 update. (Bug 975344)

  • Login scripts might fail to run when another network provider (such as non-Windows 10-compatible versions of iPrint) crashes. (Bug 950183)

  • Messages related to password expiration were not worded correctly in French. (Bug 954638)

  • NCIMAN might fail to read or write all settings depending on which Windows user is running NCIMAN. (Bug 875991)

  • Ampersand "&" character in eDirectory object names could fail to display properly in the system tray menu and shell extension displays. (Bug 861787)

  • Added optional support for synchronizing the Windows and eDirectory passwords during "Login with non-Novell Credential Provider". (Bug 934385)

  • "Computer Only Logon If Not Connected" presented unexpected eDirectory logon when Windows failed to identify the connected network. (Bug 947790)

8.0 Documentation

For information on installing, using, and administering the Client for Open Enterprise Server, see

For information on Login Scripts, see the Novell Login Scripts Guide.

9.0 Legal Notices

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see

Copyright © 2016 Novell, Inc., a Micro Focus company. All Rights Reserved.

9.1 OpenSLP

“OpenSLP” is copyrighted to Caldera systems. Micro Focus ships a modified version of OpenSLP for the Client for Open Enterprise Servers. Micro Focus supports the modified OpenSLP software shipped with the Client for Open Enterprise Server.

Copyright © 2000 Caldera Systems, IncAll rights reserved.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

  • Neither the name of Caldera Systems nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.