Overview#

DirXML-ShimAuthPassword is an AttributeType used on a DirXML-Driver with an OID of 2.16.840.1.113719.1.14.4.1.6

Error -1473#

LDAPWiki has encountered conditions which when setting the Passwords on a driver that a 1473 error was returned.

The conditions appear to be encountered when:

• use dibclone
• Have a DirXML-ShimAuthPassword on a driver encrypted/signed with a key that is no longer valid.

The apparent solution is to:

• regenerate the DirXML server keys (this can be done with dxcmd)
  • dxcmd -host hostname.example.com -port 1636 -user cn=admin,...,dc=com -password '….'
  • 4: Driver set operations...
  • 7: Regenerate all Identity Manager server keys
  • This invalidates ALL passwords and Identity Manager server keys.
• purge the values of DirXML-ShimAuthPassword on that server. Running a ndsrepair -R -Ad -SX "DirXML-ShimAuthPassword""

The ndsrepair will purge these values off of the drivers on that server. These operations is per server as values are X-NDS_NEVER_SYNC.!! LDAP Attribute Definition The DirXML-ShimAuthPassword AttributeTypes is defined as:

• OID of 2.16.840.1.113719.1.14.4.1.6
• NAME: DirXML-ShimAuthPassword
• DESC:
• Supertype:
• EQUALITY:
• ORDERING:
• SYNTAX: 1.3.6.1.4.1.1466.115.121.1.40
• SINGLE-VALUE
• NO-USER-MODIFICATION
• USAGE: DirectoryOperation
• Extended Flags:
  • X-ORIGIN:
  • X-NDS_NEVER_SYNC
• Used as MUST in:
• Used as MAY in:
  • DirXML-Driver

Category#

eDirectory

More Information#

There might be more information for this subject on one of the following:

• 2.16.840.1.113719.1.14.4.1.6
• 2.16.840.1.113719.1.14.6.1.2
• DirXML-Driver