Environment
Native File Access Pack (NFAP) for NetWare 5.1
eDirectory 8.7.3
NMAS 2.x
Situation
How to change the NMAS Simple Password with LDAP
Resolution
(defined as 2.16.840.1.113719.1.27.101.5) to the LDAP add or modify operation.
The purpose of the Simple Password is to allow migration of an object with a hashed password into eDirectory. Simple Passwords are also used when binding with the DIGEST-MD5 SASL mechanism and NetWare CIFS.
The simple password value may be specified as the original clear text password, or as the result of hashing the password with the Secure Hash (SHA), Salted Secure Hash (SSHA), digest-md5 (MD5) or Unix Crypt (CRYPT) algorithm. If the DIGEST-MDG SASL mechanism is to be used to authenticate users, or if the Simple Password is to be used for CIFS, the simple password must be stored as clear text (not hashed.)
When specified, the NDS Import Convert Export (ICE) utility uses this control to update the simple password. Check the option to "Store NMAS Simple passwords/Hashed passwords" if using the wizard, or use the -l parameter on the command line. The ldif file defines userpassword as follows:
userpassword: clearTextPassword
or encrypted:
userpassword: {SHA}qUqP5cyxm6YcTAhz05Hph5gvu9M=
To programmatically update the simple password, define the control which is passed to the add or modify operation. The Novell Developer Kit includes samples for changing Simple Password in the LDAP Libraries for C at https://developer.novell.com/ndk/doc/samplecode/cldap_sample/index.htm. The LDAP Classes for JAVA should include a sample at https://developer.novell.com/ndk/doc/samplecode/jldap_sample/index.htm on the October release. Contact Novell Developer Support for more information.
Note: NMAS is required to use the Simple Password.
The ICE utility musts be ran against an LDAP server that has NMAS installed.
Point ICE to a server that has NMAS installed.
Additional Information
Formerly known as TID# 10066348
Formerly known as TID# NOVL64578