Novell SecureLogin 7.0 Service Pack 3 Hotfix 6 Readme

May, 2013

Novell SecureLogin is a single sign-on application. It consists of multiple, integrated security systems that provide authentication and single sign-on to networks and applications. It provides a single entry point to the corporate network and its user resources, increasing security while enhancing compliance with corporate security policies. Novell SecureLogin eliminates the requirement for users to remember multiple usernames, and passwords and automatically enters them for users when required. For detailed information on Novell SecureLogin, visit the Novell SecureLogin product Web site.

Novell SecureLogin 7.0 Service Pack 3 Hotfix 6 improves usability, and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs.

1.0 What’s New?

Novell SecureLogin 7.0 Service Pack 3 Hotfix 6 includes the following enhancements and software fixes.

1.1 Enhancements

1.1.1 New Registry Setting to Synchronize LDAP Password With the Modified Windows Password

SecureLogin now provides a new registry value SyncLDAPPassword to synchronize the LDAP password with the modified Windows password. (Bug 807372)

To configure the registry setting:

  1. Install SecureLogin in the LDAP Credential Manager Mode (After Successfully Logging into Windows option).

  2. Set the user association to Windows.

  3. Open the Registry Editor using the regedit command.

  4. In HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login\LDAP, create a new DWORD value.

  5. Set the value of the key to 1 to synchronize the login password with the LDAP password. If you don’t want the login password to synchronize with the LDAP password, set the value of this key to 0.

1.1.2 Support for NESCM Identity Plug-in Functionality

SecureLogin integrates the NESCM Identity plug-in functionality in LDAP mode for Smartcard authentication. This enhancement provides the User Account Lookup functionality during authentication and eliminates the need for users to enter their login names. (Bug 803984).

For more information on the configuration options, see User Account Lookup (Identity Plug-In Functionality).

1.2 Software Fixes

1.2.1 The protocom-SSO-Connections Attribute Randomly Does Not Clear Timestamp Information

Issue: After the user logs out of SecureLogin, the protocom-SSO-Connections attribute continues to have the IP address and timestamp information. (Bug 789638)

Fix: The protocom-SSO-Connections attribute clears the IP address and timestamp information when the user logs out.

1.2.2 Wildcard Searches Possible Even With DoNotUseWildCardinSearch Setting Enabled

Issue: When the DoNotUseWildCardinSearch registry entry is enabled, the user can still perform searches using wildcard character * (asterisk) (Bug 812320).

Fix: When the DoNotUseWildCardinSearch registry entry is enabled, the user cannot perform searches with wildcard characters.

1.2.3 Updating Cache or Synchronizing With Active Directory Over VPN Results in -341 Error

Following are the issue and fix details for different manifestations of this error: (Bug 804802)

Issue: SecureLogin attempts to use the cached user name for non-kiosk mode operation. Due to this the online-offline transition fails.

Fix: SecureLogin now does not use the cached user name for non-kiosk mode operations.

Issue: SecureLogin fails in its attempt to go online as conversion of domain name to FQDN fails. This also results in cache synchronization errors.

Fix: SecureLogin now validates the user name before attempting to go online.

Issue: SecureLogin throws prompts for each error encountered during cache synchronization.

Fix: SecureLogin now displays a prompt for the first error and then logs rest of the errors.

Issue: SecureLogin in Active Directory Mode attempts to go online even when the network is down.

Fix: SecureLogin now launches in offline mode even after the network connection is restored. The user can choose the Work Online option from the Advanced tab to attempt reconnection.

2.0 Installing or Upgrading to HotFix 6

Prerequisite: Ensure that you are already on SecureLogin version 7.0 SP3 before you attempt to install the latest hotfix.

  1. Go to download.novell.com.

  2. Select Patches > search patches.

  3. Select SecureLogin from the drop-down list. The Hotfix 6 will be listed under SecureLogin 7.0.3.

If you are on an earlier version of SecureLogin, you must upgrade to 7.0 SP3 before you install the latest hotfix. For more information see, Upgrading SecureLogin.

Table 1 Upgrade Paths

Source Version of SecureLogin

Target Version of SecureLogin

7.0.SP3 (Any Hotfix)

7.0 SP3 Hotfix 6

7.0.SP2 or any earlier service pack

First upgrade to 7.0 SP3, then install the latest Hotfix

7.0

First upgrade to 7.0 SP3, then install the latest Hotfix

3.0 Known Issues

  • SecureLogin Crashes on a Windows 2008 R2 Server (Bug 751834).

    This issue is seen on machines that have File Redirection Policy Settings enabled.

    To workaround this issue, disable Data Execution Prevention (DEP) on the Win2008 R2 server. For details see, TID 7010560

4.0 Documentation

The complete documentation is available at, Novell SecureLogin 7.0 SP3 Documentation Web Site.

For detailed information of all the known issues for SecureLogin 7.0 Service Pack 3, see Known Issues in the Novell SecureLogin 7.0 Service Pack 3 Release Notes.