Novell has failed or decided not to document this attribute.

The schema on our 8.8.3 eDirectory server shows:

attributeTypes: ( 2.16.840.1.113719. NAME 'sASLoginConfiguration'  SYNTAX{64512} X-NDS_NAME 'SAS:Login Configuration' X-NDS_SERVER_READ '1' )

AFAIK, the SASLoginConfiguration is where the answered Challenges:

  • are stored on the user Entry.
  • the SASLoginConfiguration is the list of the current challenges that have been answered by the user. (Note: we beleive the Responses are not stored in the sASLoginConfiguration. AFAIK, the responses are ONLY stored on the user in the attribute SASLoginSecret.
  • the Method NMASChallengeResponseMgr.getChallengeQuestions() returns the challenges. (Maybe NULL)
  • May not exist if the User has NOT answered their questions.
  • Contains a GUID that was the value of the nsimChallengeSetGUID value on the NspmPasswordPolicy This GUID, a timestamp, is utilized to determine if the user responses are "stale" (ie. older than the challengeset questions on the NspmPasswordPolicy).

When this is deleted, the user can not answer their questions. The NMASChallengeResponseMgr.deleteChallengeQuestions method removes this attribute.

More Information#

There might be more information for this subject on one of the following: