Prereqs followed:
Clean Install Microsoft XP SP2
Run Windows Updates
Install WindowsXP-KB893357-v2-x86-ENU
Install WindowsXP-KB918997-v6-x86-ENU
Install Novell Client 4.9.1 SP4 (Ran ACU - previously @ sp3)

Windows XP Sp2 ,FreeRadius tied to eDirectory, All users in our
district log into WINDOWS using a Single Account named "XYZ". The XYZ
account is a
member of the Administrators group. Computer settings are locked down
using Deep Freeze.
Computer boots up to Novell Login Screen. I enter a valid eDirectory
username and password. On The FreeRadius side I
see the credentials being passed sucessfully. On the client side I am
now prompted for the Windows username (XYZ) and
pasword (no password). Click enter and Windows Desktop begins to load.
Novell Login Scripts begin to run. Windows Taskbar shows that
I am connected to wireless with Excellent signal. On the FreeRadius
side now the Windows account (XYZ with no Password)
is trying to authenticate- This of course fails because this account
does not exist in eDirectory.
Login scipts fail with message LOGIN-LGNWNT32.DLL-923: An unexpected
error has occurred: 15 (8819).
Per Novell KB Article I installed WindowsXP-KB917021-v3-x86-ENU with
replaces WindowsXP-KB893357-v2-x86-ENU-replacedBy917021
After Rebooting I try Authenticating from the Novell Login and I
experience the exact same problem.
A trip to the command line shows the machine received a valid IP
address but I am unable to browse network or connect to internet.

What does work....
Logging into the Machine as Workstation Only and then logining into
Novell works flawlessly .
Logging in when the user has a eDir account and a Windows
Account/password that match

Is it necessary to have a local profile that matches your edir
credentials in order for 802.1x to be successful from the initial
Novell Login screen?
Am I missing somthing obvious here?

My Novell Client Properties:

Configure Default Location Profile with these settings:
Credentials Tab- Enable Password Box Checked
eDirectory Tab- Active Authenticator Box Checked
Tree: "IP Address"
Context: BLANK
Server: BLANK
Bindery Tab- Active Authenticator Unchecked
Script Tab- Enable Tab Checked
Run Scripts Checked
Display Results Window Checked
Close Automatically Checked
Login Script: <DEFAULT>
Profile script: <DEFAULT>
Windows Tab- Local username: "XYZ (does not match eDirectory
From: "Local Machines Name"
Dial-Up Tab- Enable Tab is Unchecked
NMAS Tab- Enable Tab is checked
Sequence: NDS
Clearance: <DEFAULT>
Display clearance field box is checked
802.1x Tab - Enable Tab is checked
Login using 802.1x is checked
Use 802.1x authentication during subseqent eDirectory-only logins is
Append Domain name to User name is unchecked