KACE Dynamic Local User Creation?
Hi we are running in a non-AD environment and wanting to migrate from Novell Zenworks to Dell KACE. 1 Problem is that currently Zenworks handles our DLU policies to dynamically create user accounts on the users pc's linked with their LDAP (edirectory) credentials on the fly.
ie. user tries to login to workstation that doesnt have their user account locally created, Zenworks searches and creates this based on their LDAP creds.
Can KACE do this also or does it require AD infrastructure to be installed everywhere?
ie. user tries to login to workstation that doesnt have their user account locally created, Zenworks searches and creates this based on their LDAP creds.
Can KACE do this also or does it require AD infrastructure to be installed everywhere?
0 Comments
[ + ] Show comments
Answers (6)
Please log in to answer
Posted by:
cblake
12 years ago
This may be a better question for a Novell discussion group? Without knowing more about the scripts they use to perform the task it might be tough to duplicate, but the crux of it is yes- it could be done. Through a combination of VB scripts and command line options I can envision this...
Posted by:
Micka007
12 years ago
I know on the Novell side how it works (using Novell Zenworks DLU policies - it does an LDAP comparison of what the user entered with the LDAP source, ie edirectory, then if correct it will create the user account on the local machine if not already there and log them in).
I'll try and rephrase the question, MS clients have built-in capability for DLU creation when using MS-AD so in an MS company you would just use this, companies that use Novell get around having to use scripts ect by using Zenworks. Now we are replacing Zenworks with KACE, so wanting to know if KACE has this capability (without writing our own scripts) with a non-AD LDAP user source? Or does KACE just leave it upto MS and assume you have an MS-AD environment?
Please let me know if this clears things up or you need more info.
I'll try and rephrase the question, MS clients have built-in capability for DLU creation when using MS-AD so in an MS company you would just use this, companies that use Novell get around having to use scripts ect by using Zenworks. Now we are replacing Zenworks with KACE, so wanting to know if KACE has this capability (without writing our own scripts) with a non-AD LDAP user source? Or does KACE just leave it upto MS and assume you have an MS-AD environment?
Please let me know if this clears things up or you need more info.
Posted by:
gbarvang
12 years ago
actually the MS solution is NOT to create a local user, but use cached profile information.
The novell DLU is not a script as so, but build into the agent/client Gina, depending on Zen Works version.
Unfortunately I havent seen any ready made scripts or utilities to automate dlu for use with Kace.
The novell DLU is not a script as so, but build into the agent/client Gina, depending on Zen Works version.
Unfortunately I havent seen any ready made scripts or utilities to automate dlu for use with Kace.
Posted by:
Micka007
12 years ago
So everyone that uses Dell KACE has MS-AD infrastructure? I found 1 other person on another forum who was migrating from Zenworks to KACE but he was on XP so could still use Zenworks to handle the DLU side until an AD infrastructure was built. We are moving to Win7 so thats not possible without moving to ZCM aswell. I've created scripts in the past for OS deployment where it will prompt for user details then do an LDAP call and create a local account but this was in admin profile during build. I'm not sure of a way to simulate DLU through scripts at GINA with KACE?
Posted by:
gbarvang
12 years ago
Maybe you could set up a samba service and let the machines and users be members of the samba/ldap domain?
Or else I guess by using scripted installation you should be able to do a post install ldap call, and create the user based on the query?
but to be able to sync the passwords to/from the ldap source I guess you need samba or another domain emulating service.
Maybe there exists some ldap client for windows 7?
I found this : http://wiki.samba.org/index.php/Windows7
so if you are able to install samba and configure that against your existing ldap I guess it should be possible. (But this is not a DLU solution but emulates AD)
Or else I guess by using scripted installation you should be able to do a post install ldap call, and create the user based on the query?
but to be able to sync the passwords to/from the ldap source I guess you need samba or another domain emulating service.
Maybe there exists some ldap client for windows 7?
I found this : http://wiki.samba.org/index.php/Windows7
so if you are able to install samba and configure that against your existing ldap I guess it should be possible. (But this is not a DLU solution but emulates AD)
Posted by:
ddevore
12 years ago
Do you have a license / SLA agreement for ZCM? If so ZCM and Zen can both coexist on the same network without needing to change anything at all on the older Zen side. If you install ZCM on a windows server and enable the DLU policy any machine with the new agent installed will see the new version will only see the new install and DLU will work. I know it's a pain, but it works.
The install on a windows server is a breeze, especially if your just looking to get the DLU policy working on new windows 7 boxes...
The install on a windows server is a breeze, especially if your just looking to get the DLU policy working on new windows 7 boxes...
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.