You could use Novell Identity Manager to create an AD for you, that would only be used to house the workstations and replicated users, groups and passwords. This would allow you to use eDir as the authoritative source and AD for VDM integration, similar to VDMs use of ADAM.

I think the only problem with this plan is that you're probably also going to want to log in to EDirectory using the Novell Client, which doesn't work very well with the VDM GINA, at least not for me and not yet. I'm going to hack around on this some and see if there's a way I can get this GINA to pass login information to my Novell Client GINA but so far I'm at a loss. We pretty much have to use the Novell Client for logins because of an assorted amount of issues we have. As I experiment, I'll post on here and let other Novell users know how it's going.

Jerel

Message was edited by: jerel

I am interested in your findings. I am in the same spot. I switched the ginas around but that means users have to login 2 times once to the VDM client and then to the Novell client.

I hope your test go well!

I'd like to see what you found out too. We're currently working with eDirectory and we don't want to switch to AD. We want to keep Microsoft a bit at bay. So if you found a way to work around this, I'd be very interrested to hear about that.

I'm VERY interested as well in anything you might find -- we're a full Novell eDirectory shop with 2500+ desktops so this could rule out VDM as a broker for us.

Ok all, I've been working on Netware Client/Zenworks integration in my spare time and have found the following assuming you are using IDM to replicate eDir users and groups to AD:

1) join XP desktop to an AD domain - this is a must. VDM SSO does not seem to work without being in the same domain as the user logging into the VDM Client interface.

2) install NWclient 4.9 or above

3) configure contextless login per http://support.novell.com/techcenter/articles/ana20030901.html

4) install vdm agent

5) entitle user to desktop/pool

6) user logs into VDM client or web interface and provides username, password, domain.

This will sso into the VDM desktop including desktops in pools.

The only thing I didn't get confirmed was the contextless login as I only had the only DLL based contextless login, not the one referenced in the URL above. Can someone test and confirm this as I will not have access to an environment to test for at least a month. Not that you've been waiting long

The only thing that does not work, is Zenworks computer policies, but user policies do work.

An alternative approach is:

1) install NWclient 4.9 or above

2) configure contextless login per http://support.novell.com/techcenter/articles/ana20030901.html

3) install vdm agent

4) create generic user with no rights to anything, not even Domain Users?

5) entitle generic user to desktop/pool

6) change VDM Client shortcut to use command line with generic user, password, domain, desktop name etc or put that info in a file and reference the file with -file xxxxx with xxxxx being fullpath\filename.ext

An alternative to this item is not install the SSO component in item 3. But the user must login twice.

7) user runs VDM Client and autoconnects and is presented with NWClient login dialogue box, everything works as expected

This still gives us centrally managed dynamic desktop pools, just not so dynamic connection.

Hope this helps

Phil

Remember that VDM is not the only VDI broking software out there. if you are a eDirectory or use an authoritive authentications service other than AD then investigate Leostreams Hosted Desktop Broker it can utillise Novell® eDirectory^TM coupled with support for ZenWorks, or open LDAP servers as well as ADS.

Tom Howarth

VMware Communities User Moderator

What Service Pack of the Novell Client are you using?

Sorry for the delay, I've been on leave

Novell Client 4.91 SP4 on Windows XP SP2

Phil