General discussion

Locked

Password Intercept Apps on ZfD

By leo.valmores ·
Could anybody explain what the purpose of Password Intecept application that is run on Zenworks for Desktop is for? I have a vague understanding that it is used for verifying passwords on Novell NDS or etc.?

Are all Novell Admins running this app? Or could the Admin be collecting passwords from all users on the network?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by mrjay67 In reply to Password Intercept Apps o ...

This is not an app that everyone uses or at least we dont. I dont know what the app is doing but it was certainly manually created by some novell/zenworks admin. I think there are only a couple of apps created by default and they are just used for registering workstaions into the network. I would hope that they arent collectig passwords but it is possible. If they are i hope its only to verify that the passwords are strong are for legit reasons.

hth

Jason

Collapse -

by leo.valmores In reply to

I am glad that at least you tried to explain and for that I give you the ratings.

However, for Admins involved in both eDir of Novell and ADS for MS servers, then there is such apps for ZfD. Its main purpose synch'ng passwords when user is forced to change pw. I guess my next question is: are the password encrypted when they are stored in eDir or ADS databases?

Below is extract of more info what the app is:
Quote:
How does Password Intercept work?

Does it need to go on all 2k servers? Does it need to go on all client PCs? Does it require the Novell Client to be installed? Does it need to go on all NetWare servers?

We have an issue where the intercept is installed on a win98/xp machine. We have forced expiration of the password for the user. When they login they are prompted to change their password, which they do. It takes a terrible long time for this to change and whilst awaiting the sync, they can't use their new password for AD. Is there anyway to speed things up?
A:
Here's the scoop. There are two Intercepts: Windows Intercept, and Client32 Intercept. The Windows Intercept needs to be installed on any Windows server that people can login to and change their Windows password on--standalone or domain. The Client32 Intercept needs to be installed on any workstation that can be used to change an eDirectory password, especially one using ConsoleOne. Yes, you need Client32 to install the Client32 Intercept and no you don't need to install either Intercept on a NetWare server.

There is a case where you don't have to install the Client32 Intercept on every workstation - if your users ALWAYS login to both NetWare and a Windows domain at the same time. In that case, changes to the domain password will sync to eDir through the Windows Intercept.

There is no way to speed up the password sync process, but you can make it more user-friendly. If your users normally login to both NetWare and Windows domains at the same time, set the Windows password expiration interval to be 2 or 3 days less than the eDir interval. That way when the user gets prompted to change their password for Windows they will already be connected to eDir. Then changing their Windows password will cause their eDir password to change, but the time lag won't affect them because they will be already logged in.

Try having a replica containing all of your user/group objects on the same server as the Manager. If you try to run a Manager, and Receiver on the same box, expect things to be slow unless you've got a lot of memory. Running the Manager and an Agent on the same server is usually ok.
UnQoute:

Collapse -

by leo.valmores In reply to Password Intercept Apps o ...

This question was closed by the author

Back to Networks Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums