Overview#

April 2007 - Based on 8.8.1 and SS204.

As a part of a Migrating From NIS To LDAP project we needed to eliminate NIS with as little impact to users as possible.

Needed to take existing passwords from the shadow file and allow users to migrate to LDAP (eDirectory) based management.

Process was to:

  • Obtain Simple Password method and add to available login sequences for the tree.
  • Authorize simple password method to be able to be used
  • Have NO password policy assigned to the user container (ou=people)
  • Import the crypt passwords
  • Set NDSD_TRY_NMASLOGIN_FIRST=true
  • Assign Password policy the user container (ou=people)
  • Following a successful login, using the password value for the simple password, the Universal password will be set. Any driver watching for the nspmDistributionPassword attribute will pick up the setting and deploy.

Why This Works#

The simple password can not be assigned to a user when a password policy is assigned to the user. (This was a design decision)

Once the simple passwords are imported, then the policy can be assigned. We set the policy to set NDS and simple password from UP.

Following a successful login, using the password value for the simple password, the Universal Password will be set. Any driver watching for the nspmDistributionPassword attribute will pick up the setting and deploy the password.

For more information on Simple Password

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-12) was last changed on 30-Aug-2014 10:47 by jim