NMAS.NLM intruder detection locked user account

Posted on 2007-08-02
Last Modified: 2011-09-20
Hi there

We get alot of these errors on the console on a customer site. I'm not entire sure if every user is creating this error pop up on the server. Some of the users are already using the Novell Client 4.9~

This TID asking me to complete a few things which could be related to this. As my knowledge on this site is limited, could someone explain to me in laymans terms what is necessary? Or perhaps do you know what is precisely causing this?

Question by:MarkMichael
    LVL 19

    Accepted Solution

    Which version of Netware is being used? If you've got 6.5, the easiest thing to do is enable a Universal Password policy and associate it with the tree (or the container your users are in). That way the simple password will be automatically populated by policy upon a successful login from an NMAS enabled client (Novell Client 4.9+ with NMAS and NICI installed).

    If you try to connect to a Netware server running CIFS from a machine without a Novell Client, the standard NDS password in eDirectory cannot be reversed in order to validate it. This is why the simple password exists. It's stored in a fashion which can be used to compare with the hash sent in a CIFS request. Universal Password is just that, universal. It is secure, yet reversable enough to allow the system to populate password attributes compatible with other systems from it.

    If all the machines which access your Netware server have a Novell Client installed, you don't need CIFS/AFP loaded at all, so simply comment out CIFSSTRT and AFPSTRT in the autoexec.ncf file and all the errors will (should) go away as noone will be able to attempt non-NCP filesystem mounts.
    LVL 15

    Author Comment


    We have NetWare 6.5 Installed and eDirectory Reading the TID, it explains that NMAS is installed with eDirectory. Is there a way of turning this off too, since none of the clients are meant to have this client protocol  installed.
    LVL 15

    Author Comment

    Btw, thanks for your answers. I have now turned off CIFS/AFP and there are no errors as of yet! :D
    LVL 35

    Assisted Solution

    The only purpose of NFAP/AFP is for Apple/Mac "native" access.  The purpose for NFAP/CIFS is for Windows "native" access and the purpose for NFAP/NSS is for native *nix/linux access.  So, if you also don't connect your NetWare volumes to *nix, presenting them as NSS mount points, you don't need to have *any* of the NFAP modules loading.

    You should, however, plan to implement NMAS Universal Password, because in addition to being the basis for so many cross-platform interoperability features, it's also the way to establish "strong password" rules.  

    Other NMAS methods can be incorporated as well, as needed, to provide smart-card/token authentication, biometrics, etc.
    LVL 19

    Expert Comment

    I wouldn't recommend the NMAS documentation if you can avoid it though - it makes my head hurt. Unfortunately the current certifications are quite keen on it :/

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now