To support NMAS, an Authentication Store is added to the eDirectory tree, which consists of a set of containers, objects, and attributes.
NMAS allows the creation of Config Store and Secret Store Attributes on the LM, LD, and User objects. The data contained in these attributes maybe tagged so that a specific method can access the data from a Login Server Module (LSM). ??? Not sure what this implies.....
In Java there is an NMASChallengeResponseMgr class in the NMASToolKit.jar that simplifies this process by calling the appropriate functions to read and write to the config and secret stores. This class is used by the mapping application that I will have you download later.
The reality as far as we can tell is the questions and responses are stored on the user entry in the sASLoginSecret attribute which Novell does not define in their schema documentation.