3.3 Password Management

Password management is generally outside the scope of this guide and is covered appropriately in documentation such as the Novell Modular Authentication Services (NMAS) Administration Guide and the Novell Password Management Administration Guide.

When authenticating to macOS, Micro Focus Kanaka for Mac determines the fully distinguished name of the user and then makes the appropriate API calls to verify the password with eDirectory. These APIs are currently limited to only the eDirectory password.

After authentication, user information and storage information are retrieved and returned to the Kanaka Plug-in and Desktop Client. The storage connection information is passed through to macOS so that it automatically connects to the appropriate network storage through the designated Native File Access protocol (AFP or CIFS).

The eDirectory password you use for authentication must match the password you use for Native File Access, whether it’s Simple Password or Universal Password.

If you are using the Simple Password authentication method, you can use either ConsoleOne or iManager to set the Simple Password.

If you are using the Universal Password authentication method, you can use iManager to set up Universal Password policies and apply them to users or containers. After the password policies are put into place, the Universal Password must be populated for each user. In most cases, this means that the user must go through a password change process.

Consult the Novell Password Administration Guide.

Universal Password is easier than Simple Password to maintain throughout the lifecycle of a user. Beginning with eDirectory 8.8, APIs have been updated and Micro Focus Kanaka for Mac has been engineered to automatically use the Universal Password for all aspects of authentication and password change, so no synchronization is required.