The Client for Open Enterprise Server software extends the capabilities of Windows desktops by providing access to Open Enterprise Servers (OES). Once installed on workstations, clients enable users to enjoy the full range of OES services such as authentication via eDirectory, network browsing and service resolution, and secure and reliable file system access; all delivered through industry-standard protocols. The Client supports Micro Focus’s traditional NCP protocol.
The Client for Open Enterprise Server 2 SP7 (IR1) is supported on the following platforms:
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
1. Applications using Windows WNet APIs to perform eDirectory authentication could fail, including ZENworks and NET.EXE command lines (Defect ID: - 595027)
2. Presence of Citrix Application Protection component could lead to failure to execute eDirectory login scripts during login (Defect ID: - 545045)
3. Invoking the CTRL-ALT-DEL Change Password option could fail to present the dialog for choosing which eDirectory and Windows resources to perform password change (Defect ID: - 601057)
1. Client for Open Enterprise Server 2 SP6 (IR1) and earlier unable to run successfully on Windows 11 Insider Preview 22557/Windows 11 2022 H2 and later, citing “a certificate has been explicitly revoked”.
2. If TCP-level VLDB communication is blocked, all VLS connection slots become full after repeated failed attempts to traverse DFS junctions. Once the connection slots are full, even if TCP-level communication to the VLDB is then restored, DFS junctions continue to fail until the workstation is rebooted.
3. eDirectory AutoAdminLogon will fail if a clear-text eDirectory AutoAdminLogon password has not been provided, instead of falling back to using the Windows AutoAdminLogon password for the eDirectory AutoAdminLogon. (OCTIM52A507238)
4. If NetIQ Advanced Authentication client is installed on a machine where Client for Open Enterprise Server is already installed, the NetIQ credential provider will appear and be used successfully. This continues until someone visits Client Properties and saves any change, at which point the pre-existing Client Properties settings to use Client for Open Enterprise Server credential provider will be re-asserted. Now in SP7, presence of the NetIQ credential provider is recognized as a state to be maintained when visiting Client Properties, until a different credential provider mode is explicitly selected. (OCTIM52A499791)
5. NCCredProvider was failing to call ZENworks DLU LocalPreLogonNotify callback if a UPN username had been entered by the user, because the domain value was intentionally blank in this case.
6. Provide customer with new “Enforce eDirectory Desktop Login With NetIQ Credential Provider” policy to allow opting-out of Advanced Authentication enforcement for eDirectory-only logins performed from the desktop. (OCTIM52A499791)
7. AutoAdminLogon processing could fail to proceed to checking for eDirectory AutoAdminLogon, if and when a Windows domain-involved Windows AutoAdminLogon returns ERROR_TRUSTED_RELATIONSHIP_FAILURE when trying to determine the SID of the Windows AutoAdminLogon user. (OCTIM52A507238)
8. Checking for an existing mapped drive letter could potentially fail due to case-sensitivity.
1) OCTCR52A414024 Having LDAP Contextless Login caching enabled could create random initial NCP connections
2) OCTCR52A397425 When AutoAdminQueryNDS is enabled, the ForceLastUserName policy would not be applied
3) OCTCR52A382073 When AutoAdminQueryNDS is enabled, every Windows account logon uses AutoAdminLogon credentials
4) OCTCR52A380500 Uninstalling the latest client to re-install an older version could result in files from the latest client being retained
5) OCTIM52A339003 AutoAdminLogon could fail when the configured Windows user account was an Azure Active Directory account
6) OCTCR52A333010 LDAP Contextless Login errors could be hidden when logging in with the credential provider
7) OCTIM52A229001 Deleting a folder could fail if any of the file name exceeded 128 characters
8) OCTIM52A136048 Potential buffer overrun when the WNetGetUniversalName API is called for path longer than MAX_PATH
9) OCTCR52A131055 When DontDisplayLockedUserId is enabled, a Change Password with Advanced Authentication enabled can fail
10) OCTCR52A80039 LDAP Contextless Login could return a context with some Unicode characters still escaped
What’s New in Client for Open Enterprise Server 2 SP6
Client for Open Enterprise Server 2 SP6 and later supports Windows 10 update (version 21H1).
Supports Windows 10 Multiple Credential Provider Selection
Client for Open Enterprise Server 2 SP6 optionally supports a Windows 10 credential provider behavior which allows users to select among multiple installed credential providers if necessary easily. When enabled, the Client for Open Enterprise Server credential provider appears in the “Sign-In Options” list along with the other available credential providers for the Windows user accounts.
By default, Client for Open Enterprise Server still operates in the “legacy mode” that presents only the last logged-on user and the “Other User” credential. Starting with Client for Open Enterprise Server 2 SP6, both modes of operation are available to provide whichever behavior would best accommodate the login needs of a workstation.
The Custom Branding feature provides a text-based branding change to customize any string or a specific keyword as per the requirement. The feature also offers multi-language support to customize the strings as per the language preference in which Client for OES was installed.
NCP Encryption and Multi Factor Authentication Enhancement
The Client for Open Enterprise Server 2 SP6 provides support for NCP Encryption and Multi Factor Authentication capability on the volume level as well. Now each volume can be separately configured for encryption or Multi Factor Authentication.
For information on the NCP server side configuration for Volume Encryption, see Managing NCP Security Configurations in the OES 2018 SP3: NCP Server for Linux Administration Guide.
Azure based Active Directory Login Support
The Client for Open Enterprise Server 2 SP6 now provides Azure Active Directory Support. Users can now login to a Microsoft-hosted Azure Active Directory domain using the Client for Open Enterprise Server.
Salvage and Purge Enhancements for Search Filters and Search Subdirectories
The Client for Open Enterprise Server 2 SP6 provides filter options in Salvage and Purge window to help customers navigate the exceedingly long lists of available files. This filter option enables a user to generate and implement an ability to filter the list by different criteria. For example, a specific filename pattern, or a specific date range for the file's deletion timestamp, or a specific date range for the file's creation or modification timestamp.
One can now browse through the deleted subdirectory files from the Salvage/Purge window with the Include Subdirectory Files checkbox option.
Client for Open Enterprise Server 2 SP5 (IR2) (06Nov2020)
1. Possible memory corruption if the NCP Encryption initialization failed unexpectedly. (Bug 1173526)
2. Unlock workstation may require entering old password if expired eDirectory password was changed during logon. (Bug 1173022)
3. Secure Login unable to learn new Windows account password during password change. (Bug 1172634)
4. Remote Desktop login could cause "invalid parameter" to be shown during subsequent non-RDP unlock attempts. (Bug 1172238)
5. Unable to delete folder after creating and closing Microsoft Office documents within folder. (Bug 1153584)
6. The "S R W E C M F A" labels above the Trustee Rights checkboxes could become mis-aligned on some displays. (Bug 1013270)
Client for Open Enterprise Server 2 SP5 (IR1) (27Jul2020)
1. Possible bugcheck in NCIOM.SYS using eDirectory-based UNC path. (Bug 1172610)
2. Cryptic error message provided when user is not allowed to change password. (Bug 1172489)
3. Possible bugcheck during an unexpected failure to load NCFSD. See TID 7024688. (Bug 1172307)
4. Cryptic error message provided when password does not meet password policy. (Bug 1171929)
5. Password expiration on non-English workstations could show blank prompts. (Bug 1171855)
6. Once enabled in Client Properties, Force Password Change could not be disabled. (Bug 1171573)
7. Using Refresh button or F5 key in Salvage Files list could create duplicate entries. (Bug 1151476)
8. Using Run Logon Scripts Synchronously policy could cause long delays if script execution required prompting. See TID 7023452. (Bug 1105790)
The feature NCP Encryption on OES is a security feature that increases the security of data transmitted across networks between the NCP server and clients.
The Client for Open Enterprise Server 2 SP5 and later provides support for NCP Encryption capability on the OES 2018 SP2 or later server. The following are the new parameters introduced in the Client Properties to support this functionality:
For more information on the parameters, see Advanced Settings in the Client for Open Enterprise Server Administration Guide.
For information on the NCP server side configuration for NCP Encryption, see Managing NCP Security Configurations in the OES 2018 SP2: NCP Server for Linux Administration Guide.Multi Factor Authentication Enhancement
The Advanced Authentication capability on the Client for Open Enterprise Server 2 SP5 is enhanced to support the Multi Factor Authentication (MFA) on the OES 2018 SP2 server. For more information on the NCP server side configuration for MFA, see Managing NCP Security Configurations in the OES 2018 SP2: NCP Server for Linux Administration Guide.Server Platform Support
The Client for Open Enterprise Server 2 SP5 supports the Open Enterprise Server (OES) 2018 SP2 release.Enhanced eDirectory Password Expiration Handling
Previously, the eDirectory password expiry was handled after the execution of the eDirectory login scripts on the user’s desktop. Now, the eDirectory password expiration is handled during the login of the user and changing the passwords during the grace login period.
In cases where the eDirectory account also defines the Windows account, updating the eDirectory password prior to the Windows account improves Domain Services for Windows and other domain account synchronization scenarios.
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox