We've had Dynamic Local User implemented successfully on our network for quite a while, but have recently noticed some instances where a user would suddenly get prompted for a Windows login, even on a workstation where the user profile already existed, and the user object showed an Effective Policy for DLU. To fix those problems, we logged into the workstation and manually set the Windows password to the user's NDS password. On workstations where the user's account had not previously existed, we manually created one.

To troubleshoot this problem, I set up a new Windows workstation, with Novell Client 4.91 SP4 and ZfD7 SP1 agent, and observed that DLU was not working on this machine. I was logging in with our typical workstation admin account, which has existed in the same container as all our other standard user objects, for several years. The container has DLU enabled for all users. Just as a test, I deleted my user object and recreated it, with the same name and policies. At that point DLU worked and a Windows profile was dynamically created.

Any ideas on what might cause this problem, and how to fix it (other than deleting and recreating user objects)?