According to an alert from Cisco, specific versions of Cisco Secure Authentication Control Server allows authentication of users that have been explicitly disabled or expired in the Novell Directory Services. There is a software patch that may be applied, and software upgrades will also address this problem. For more, go to:http://nww1.com/go/ciscoa.html