I am having some issues with some, not all, of my users being able to authenticate into newly migrated LDAP clients.
All of my accounts were created from their former NIS form using ldapaddent, one had its passwd changed via the DSCC; that one works.
Another one worked, until I've recently re-entered its shadow entry, again using ldapaddent (I was trying to keep two distinct environments in sync). Now this account is unable to authenticate at all.
1. I do not recall if I created an SSD for shadow when I ran idsconfig.
2. What is the preferred method for:
a. Checking that I do have an SSD for passwd, and shadow?
b. Adding one, assuming I need to?
3. When I run "dsconf get-server-prop", grep'ing with ^pwd, I get:
I am getting close to a full migration from NIS to LDAP, and need to have everything in order prior. Unfortunately, I cannot test auth for other users...
pwd-accept-hashed-pwd-enabled : N/A
pwd-check-enabled : off
pwd-compat-mode : DS5-compatible-mode
pwd-expire-no-warning-enabled : on
pwd-expire-warning-delay : 1s
pwd-failure-count-interval : 10m
pwd-grace-login-limit : disabled
pwd-keep-last-auth-time-enabled : off
pwd-lockout-duration : disabled
pwd-lockout-enabled : off
pwd-lockout-repl-priority-enabled : on
pwd-max-age : disabled
pwd-max-failure-count : 3
pwd-max-history-count : disabled
pwd-min-age : disabled
pwd-min-length : 6
pwd-mod-gen-length : 6
pwd-must-change-enabled : off
pwd-root-dn-bypass-enabled : off
pwd-safe-modify-enabled : off
pwd-storage-scheme : CRYPT
pwd-strong-check-dictionary-path : /local/DB/plugins/words-english-big.txt
pwd-strong-check-enabled : off
pwd-strong-check-require-charset : lower
pwd-strong-check-require-charset : upper
pwd-strong-check-require-charset : digit
pwd-strong-check-require-charset : special
pwd-supported-storage-scheme : CRYPT
pwd-supported-storage-scheme : SHA384
pwd-supported-storage-scheme : SHA256
pwd-supported-storage-scheme : SHA512
pwd-supported-storage-scheme : SHA
pwd-supported-storage-scheme : SSHA
pwd-supported-storage-scheme : SSHA384
pwd-supported-storage-scheme : SSHA256
pwd-supported-storage-scheme : SSHA512
pwd-supported-storage-scheme : CLEAR
pwd-user-change-enabled : on