Implementing NMAS 2.3.8 password case insensitivity during change password.

(Last modified: 15Aug2005)

This document (10098612) is provided subject to the disclaimer at the end of this document.

fact

Novell eDirectory 8.7.3 for All Platforms

LDAP Services

Novell Modular Authentication Service version 2.3

NMSRV238.TGZ - Updated NMAS services module - NMAS 2.3.8

Universal Password

goal

Implementing NMAS 2.3.8 password case insensitivity during change password.

symptom

Have implemented Universal Password choosing not to make passwords case sensitive for LDAP binds yet passwords are treated case sensitive when changing the password.

cause

When a LDAP bind occurs in eDirectory 8.7.3 the NDS password is first used which is not case sensitive.  If this fails the NMAS Simple Password method is used which is case sensitive.  If Universal Password is configured to synchronize the Universal, Simple and NDS password then LDAP binds are not case sensitive.  However, when a user attempts to change their password the password comparison between the password supplied by the user and the current password IS case sensitive.  This can cause problems for a user changing their password due to that user not expecting this behavior.

fix

There is now a new attribute that can be applied to the Password Policy object that will cause the NDS password method and the Universal Password method to not perform case sensitive comparisons between the passwords when the password is being changed. 
NOTE: For this attribute to be effective the advanced password policy must also be enabled.

iManager:
1. Open iManager and open the properties of the Password Policy.  iManager - eDirectory Administration - Modify object - Tree\Security Container\Password Policies\YourPasswordPolicy - General tab.
2. Add and populate the attribute: Unvaluled Attrributes - select nspmCaseSensitive and click on arrow.  Then while highlighted select Edit - uncheck the box and select OK.

CONSOLEONE:
1. - Open ConsoleOne and open the properties of the Password Policy: Go to Tree\Security Container\Password Policies\YourPasswordPolicy - right-click - Properties.
2. Add and populate the attribute: Select the Other Tab - Add - select the nspmCaseSensitive attribute and click OK.  Click the down arrow next to the new attibute and select "false".  Click OK.

document

Document Title:	Implementing NMAS 2.3.8 password case insensitivity during change password.
Document ID:	10098612
Solution ID:	NOVL103119
Creation Date:	15Aug2005
Modified Date:	15Aug2005
Novell Product Class:	Novell Directory Services

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.