Novell Documentation: Identity Manager Drivers - Comparing Password Synchronization 1.0 and Password Synchronization Provided with Identity Manager

7.1 Comparing Password Synchronization 1.0 and Password Synchronization Provided with Identity Manager

Table 7-1 Differences Between the Different Versions of Password Synchronization

Functionality	In Password Synchronization 1.0	In Password Synchronization with Identity Manager
Product delivery	A product separate from Identity Manager.	A feature included with Identity Manager, not sold as a separate product.
Platforms	Active Directory NT Domain	Full bidirectional password synchronization is supported on these platforms: Active Directory eDirectory™ NIS NT Domain These connected systems support publishing user passwords to Identity Manager. Because Universal Password and Distribution Password are reversible, Identity Manager can distribute passwords to connected systems. Any connected system that supports the Subscriber password element can subscribe to passwords from Identity Manager. See Password Synchronization across Connected Systems in the Novell Identity Manager 3.0.1 Administration Guide.
Password used in eDirectory	eDirectory Password (non-reversible)	Universal Password (reversible), or Distribution Password (also reversible). The eDirectory password can also be kept synchronized, if desired. For example scenarios, see Implementing Password Synchronization in the Novell Identity Manager 3.0.1 Administration Guide.
Main functionality for Windows connected systems	To provide bidirectional password synchronization so that the eDirectory password is synchronized with the Windows password. However, each workstation requires the Novell® Client™.	To provide bidirectional password synchronization. Because Universal Password and Distribution Password are reversible, passwords can be synchronized in both directions. Accomplished within the Identity Manager Publisher and Subscriber channels.
LDAP password changes	Not supported.	Supported.
Novell Client	Required.	Not required.
nadLoginName attribute	Used for keeping passwords updated.	Not used.
The component that contains the password synchronization functionality	The Identity Manager driver contained the functionality for updating nadLoginName.	Policies in the driver configuration provide the password synchronization functionality. The driver simply carries out the tasks given by the Metadirectory engine, which come from logic in the policies. The driver manifest, global configuration values, and driver filter settings must also support password synchronization. These are included in the sample driver configurations, or can be added to an existing driver. See Section 7.4, Upgrading an Existing Driver Configuration to Support Identity Manager Password Synchronization.
Agents	A separate piece of software.	No agents are installed; instead, the functionality is now part of the driver.