We're running into some really random issues with the ZCM login window popping up on random people, sometimes large groups.

What we've seen...
* User resets password
* Usually stays logged in for a while and upon reboot or login the next day, Novell login succeeds, but the ZCM login window pops up, at which time I've found that it is locking their eDir account

If the eDir account is unlocked, they still can't login to that box and doesn't matter since it shouldn't be coming up either.

Other users that don't get the prompt can log into those machines without a problem, so there is no issue with the computer.

Another thing we found is that we have 5 LDAP servers and are set in a particular order for each content server. If we switch it around, that user will work now, but will break others.

I've verified that the LDAP servers we have set are R/W replicas of the Tree for all of our user contexts.

It seems that the ZCM server caches the users password or corrupts it somehow? Just a guess.

What I'd like to know exactly is when a user enters their username/password at the Win7 login window, how and where the authentication gets passed and what is cached/if cached and what processes it for ZCM.

We have 4 primary 10.3.0 Win2008-x64 servers and one dedicated SQL 2005 server with 15,000 users and 4,500 devices (database is 37Gb).

Is there some kind of CASA problem on the primary server or something I can do to troubleshoot it?

I'd hate to just start blowing user accounts away and recreating.