Anonymous_User Absent Member.
Absent Member.
293 views

eDir password case sensitive and Websphere


Hi,

Could anyone please help answer below question? Its regarding
eDirectory Password case-sensitive and Websphere Application Server.
Thanks

An application require to use password case sensitive for
authentication, universal password for this policy and a environmental
variable "NDSD_TRY_NMASLOGIN_FIRST"to true on OS level are applied. The
case sensitive works fine.

However, after this environmental variable is applied, the application
on Websphere platform flows out exception error as in this 'link'
(http://docs.google.com/View?id=ddc2cn4t_72cv294rdn). This issue has
also been simulated in another environment.

The application code on LDAP password verification are shown as this
'link' (http://docs.google.com/View?id=ddc2cn4t_73c8v9t9fv).

I want to know if this is coding, API issue or eDirectory configuration
issue.

Does any of you have experience on websphere and eDir password policy
setting on case sensitive. Thanks

Regards,
Gavin


--
gavinwow
------------------------------------------------------------------------
gavinwow's Profile: http://forums.novell.com/member.php?userid=46379
View this thread: http://forums.novell.com/showthread.php?t=374352

Labels (1)
0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: eDir password case sensitive and Websphere

You are doing a compare on the password and you will always have issues
when performing such an activity.

You should BIND to the LDAP as the user with the user's password.
With a compare, you will not be informed as to:
* Account disabled
* password expired
* intruderlocked

-jim


gavinwow wrote:
> Hi,
>
> Could anyone please help answer below question? Its regarding
> eDirectory Password case-sensitive and Websphere Application Server.
> Thanks
>
> An application require to use password case sensitive for
> authentication, universal password for this policy and a environmental
> variable "NDSD_TRY_NMASLOGIN_FIRST"to true on OS level are applied. The
> case sensitive works fine.
>
> However, after this environmental variable is applied, the application
> on Websphere platform flows out exception error as in this 'link'
> (http://docs.google.com/View?id=ddc2cn4t_72cv294rdn). This issue has
> also been simulated in another environment.
>
> The application code on LDAP password verification are shown as this
> 'link' (http://docs.google.com/View?id=ddc2cn4t_73c8v9t9fv).
>
> I want to know if this is coding, API issue or eDirectory configuration
> issue.
>
> Does any of you have experience on websphere and eDir password policy
> setting on case sensitive. Thanks
>
> Regards,
> Gavin
>
>

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: eDir password case sensitive and Websphere


Websphere is configured to use a eDirectory account, which has right to
read, create, delete, and update a eDirectory user container.

So you think I cannot compare password using these codes? Please
suggest how can my application using eDir as authentication server?
Thanks


--
gavinwow
------------------------------------------------------------------------
gavinwow's Profile: http://forums.novell.com/member.php?userid=46379
View this thread: http://forums.novell.com/showthread.php?t=374352

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: eDir password case sensitive and Websphere

You could try the process using ldapcompare with the edirectory account.

Syntax is like:

ldapcompare -h ldap.willeke.com -v -x
-D cn=pwmProxy,ou=administration,dc=willeke,dc=com
-w bindpassword
cn=user,ou=people,dc=willeke,dc=com
userpassword:passwordvalue

Only all on one line.

Should see:
Compare Result: Compare True (6)
or
Compare Result: Compare False (5)

On 8.8 the ldapcompare is at /opt/novell/eDirectory/bin (By default)

-jim

gavinwow wrote:
> Websphere is configured to use a eDirectory account, which has right to
> read, create, delete, and update a eDirectory user container.
>
> So you think I cannot compare password using these codes? Please
> suggest how can my application using eDir as authentication server?
> Thanks
>
>

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: eDir password case sensitive and Websphere

gavinwow,

>Websphere is configured to use a eDirectory account, which has right to
>read, create, delete, and update a eDirectory user container.
>
>So you think I cannot compare password using these codes? Please
>suggest how can my application using eDir as authentication server?
>Thanks


But I would think you would use two different approaches for update
/modify type functions and password authentication functions. I think Jim
is correct in this case. Plus you are less likely to have issues with your
code down the road if something changes.

--
Jared Jennings
Novell Support Forums Sysop
Senior Systems Analyst, Data Technique, Inc.
http://www.datatechnique.com

My Blog and Wiki with Tips, Tricks, and Tutorials
http://jaredjennings.org
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.