OES client no longer appears with Bitlocker

Hello,

Our environment consists of Windows 10 PCs with the OES client.

We have just started testing on over 20 workstations to upgrade to Bitlocker.

Since randomly, on several machines, the OES client page is not displayed but it is the default Windows login page instead.

On one machine the Windows login page opened at each startup.

I disabled Bitlocker and the OES client page came back.

Do you have any ideas to find the origin of the problem?

Thank you in advance for your help.

  • 0  

    I'm not already familiar with a condition that would cause the credential provider to randomly or consistently not appear in the presence of Bitlocker.  Probably the best first clue to review would be the NCCredProvider log from a current SP7 (IR4) client, since there was some additional logging added in that latest version which might provide additional context.

    You enable the logging with a DWORD value named "Debug" set to 0x3 under [HKEY_LOCAL_MACHINE\Software\Novell\Authentication\NCCredProvider] (How to collect an NCCredProvider log (microfocus.com)), and the log files are written to C:\ProgramData\Novell\Client\Log\.  Note you don't have to unhide this folder, and can just enter "C:\ProgramData" in the File Explorer address bar and it will let you browse the still-hidden folder.

    What we might see in the NCCredProvider log is simply "nothing", meaning we were called as an ICredentialProviderFilter but then no further activity.  Which would be evidence that some other credential provider filter had filtered us out.  NCCredProvider's own log can't really reveal the reasons "why" some other credential provider chose to filter us out, though.

    Or, maybe we'll see some failure of initialization occurring for NCCredProvider itself, somehow indirectly related to Bitlocker being enabled.  Nothing seems particularly logical or "likely" about that, but certainly this would explain the perhaps "random" results and give us clues to follow.

    edit: I realize I should have explicitly added: If you have a device exhibiting the "random" behavior, capturing both a log from a time when the failure occurred, and a separate log showing what happened when the failure didn't occur, would be a useful comparison.  Or if both symptoms were captured within the same log, knowing the clock time of the local computer for approximately when each result occurred, just in case the logged information isn't already obvious for there having been an issue.

  • Verified Answer

    +1 in reply to   

    The problem was just a missing registry value.

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

    DisableAutomaticRestartSignOn = 1

    https://support.microfocus.com/kb/doc.php?id=7021904

    Thanks to the support team