Feature Support for eDirectory 8.6.2 and eDirectory 8.7.3

The following table lists the features that are not supported when running eDirectory 8.6.2, and also points out a few considerations for eDirectory 8.7.3.

NOTE:  Versions earlier than eDirectory 8.6.2 are referred to as legacy NDS®. The DirXML engine that ships with Identity Manager cannot run on legacy NDS.

Identity Manager has not been tested with eDirectory 8.7, so it is not supported. However, eDirectory 8.7.3 is supported, and it is a free upgrade for eDirectory 8.7.

Feature eDirectory 8.6.2 eDirectory 8.7.3

Policy Builder

Supported.

Supported.

DirXML Script

Supported.

Supported.

Password Policies: Advanced Password Rules

Not supported by Identity Manager on eDirectory 8.6.2, because the password rules require Universal Password.

However, in a mixed environment, Advanced Password Rules could be enforced for an 8.6.2 tree if you are synchronizing between two trees and one is eDirectory 8.7.3. For example, if you have an identity vault running 8.7.3, and you only allow users to change passwords in that tree, you could turn on Universal Password in the identity vault and then synchronize one-way to the eDirectory 8.6.2 tree. You could synchronize the Universal Password to the NDS password, and enforce the password rules.

If eDirectory 8.6.2 is being used, the password restrictions you can use are the ones available for the NDS password.

Supported, if Universal Password is enabled in a Password Policy.

You can also enforce Password Policies on connected systems.

Password Policies: Forgotten Password Self-Service

All the features are supported except the following:

  • Allow user to reset password on page
  • E-mail current password to user

This feature requires a reversible password. Because eDirectory 8.6.2 does not support Universal Password, this feature is not available.

All features supported if Universal Password is enabled for the Password Policy.

If Universal Password is disabled for a Password Policy, the administrator cannot provide the following options for users of that policy:

  • Allow user to reset password on page
  • E-mail current password to user

These features require a reversible password, so they can't be used if Universal Password is not enabled.

Password Policies: Challenge Sets

Supported.

Supported.

Password Policies: Reset Password Self-Service

Supported.

The Reset Password gadget changes the NDS password if the Universal Password is not available, so it can be used on eDirectory 8.6.2.

Supported.

The Reset Password gadget changes the NDS password if the Universal Password is not available, so it can be used even if the Universal Password is not enabled in a user's Password Policy.

Password Policies: Set Universal Password task

Not supported for changing the NDS password; instead, use the Modify Object task or other help desk task to change the user's NDS password.

Supported, if Universal Password is enabled.

Unlike the Reset Password gadget, the Set Universal Password task works only if Universal Password is enabled in the user's Password Policy.

Password Synchronization

Only password publishing to Identity Manager is supported.

Using 8.6.2, you can configure your drivers to mimic the same functionality that is provided with Password Synchronization 1.0, with the addition of support for new platforms.

Identity Manager can accept passwords from connected systems to update the NDS password. But without Universal Password, Identity Manager can't distribute passwords to connected systems unless the system is another eDirectory tree.

Supported.

However, if Universal Password is not enabled in a Password Policy, passwords can't be distributed to connected systems, and password policies can be enforced on incoming passwords but can't be enforced on the connected systems.

Role-Based Entitlements

Not supported. Entitlement Policies are dynamic groups, and some features of dynamic groups were not supported in eDirectory 8.6.2.

Supported.

Reporting and Notification

Supports Novell Nsure Audit.

For upgrade customers only. It also supports RNS, which is the legacy reporting and notification service. The RNS plug-ins are included with Identity Manager; the RNS components for the DirXML engine are not included.

Supports Novell Nsure Audit.

For upgrade customers only. It also supports RNS, which is the legacy reporting and notification service. The RNS plug-ins are included with Identity Manager; the RNS components for the DirXML engine are not included.

eGuide

Supported.

Supported.