2.3 Backward Compatibility

Universal Password is designed to supply backward compatibility to existing services. By default, passwords changed with this service can be synchronized to the simple and NDS passwords on the User object (you can choose which passwords you want to have synchronized using the Password Management plug-in). This way, NetWare 6 and 5.1 servers running Native File Access protocols for Windows and Apple* native workstations continue to have their passwords function properly. Novell Client software earlier than the Novell Client for Windows version 4.9 or the Novell Client for Windows version 3.4, which don't take advantage of NMAS, also have their passwords continue to function properly.

The exception to this is the use of international characters in passwords. Because the character translations are different for older clients, the actual values no longer match. Customers who have deployed Web-based or LDAP services and who use international passwords have already seen these problems and have been required to change passwords so they do not include international characters. We recommend that all servers be upgraded to NetWare 6.5 and all Novell Client software be upgraded in order for full, system-wide international passwords to function properly.

The Novell NetWare Storage Management Services™ (SMS) infrastructure is used for Novell and third-party backup and restore applications. Additionally, the Novell Server Consolidation utility, Distributed File Services Volume Move, and Server Migration utilities use SMS as their data management infrastructure. The system passwords used by these Novell and third-party products cannot contain extended characters if they are to function in a mixed environment of NetWare 4, 5, and 6 servers. However, when all servers are upgraded to NetWare 6.5, extended character passwords can be used.

NOTE:Refer to Novell TID 10083884 so see which applications/services are Universal Password-capable, as well as which applications/services are extended character-capable. Many applications/services can use extended characters without Universal Password.

The following table shows the expected behavior of Universal Password when it interacts with older services.

Password Change Method

Passwords Synchronized

Novell Client software earlier than Novell Client for Windows NT/2000/XP version 4.9 or Novell Client for Windows 95/98 version 3.4 to any server version

NDS password only.

Native File Access (Windows or Macintosh) on NetWare 5.1 or NetWare 6

Simple password and NDS password. The password change is successful only if the old NDS and simple passwords were in sync.

Native File Access (Windows or Mac) on NetWare 6.5

Universal, simple, and NDS passwords are changed. All are synchronized, even if old ones were out of sync (if configuration allows for synchronization).

LDAP (standard) earlier than eDirectory 8.7.3

NDS password only.

LDAP (extended) earlier than eDirectory 8.7.3

Simple password or NDS password is changed (extensions specify which one). Simple password change will result in -1697 failure.

LDAP (standard) to NetWare 6.5 (or NetWare 5.1 or 6 running eDirectory 8.7.3)

Universal, simple, and NDS passwords are changed. All are synchronized even if old ones were out of sync.

LDAP (extended) to NetWare 6.5

Universal, simple, or NDS password changed (extensions specify which one).

NetWare Administrator (run on a workstation with a client earlier than version 4.9) to any User object in any container

NDS password only.

NetWare Administrator (run on a workstation with the version 4.9 client) to a User object in a container that has a R/W replica on a NetWare 6.5 server (or NetWare 5.1or 6 running eDirectory 8.7.3)

(Untested and unsupported) Universal, simple, and NDS passwords are changed. All are synchronized even if old ones were out of sync.

ConsoleOne (run on a workstation with a client earlier than version 4.9) to any User object in any container

There is a separate change password page for NDS password and simple password.

ConsoleOne (run on a workstation with the version 4.9 client) with the NMAS client installed and enabled to a User object in a container that has a R/W replica on a NetWare 6.5 server (or NetWare 5.1 or 6 running eDirectory 8.7.3)

Universal, simple, and NDS passwords are changed. All are synchronized even if old ones were out of sync.

ConsoleOne (run on a workstation with the version 4.9 client) to a User object in a container that has no R/W replicas on any NetWare 6.5 servers, or NetWare 5.1 or 6 with eDirectory 8.7.3 (only R/W replicas on NetWare 5.1 or NetWare 6 servers with eDirectory versions earlier than 8.7.3)

There is a separate change password page for NDS password and simple password.

Novell iManager 1.5 (NetWare 5.1 or NetWare 6 only) to any User object in any container

NDS password only.

Novell iManager 2.0 (NetWare 6.5 only) to a User object in a container that has a R/W replica on a NetWare 6.5 server (or NetWare 5.1 or 6 running eDirectory 8.7.3)

Universal, simple, and NDS passwords are changed. All are synchronized even if old ones were out of sync.

Novell iManager 2.0 (NetWare 6.5 only) to a User object in a container that does not have any R/W replica on any NetWare 6.5 server, or NetWare 5.1 or 6 servers running eDirectory version 8.7.3

NDS password only.

NetWare Remote Manager running on a NetWare 6.5 server to a User object in a container that has a R/W replica on a NetWare 6.5 server, or NetWare 5.1 or 6 servers running eDirectory version 8.7.3

Universal, simple, and NDS passwords are changed. All are synchronized, even if old ones were out of sync.

NetWare Remote Manager running on a NetWare 6.5 server to a User object in a container that does not have a R/W replica on a NetWare 6.5 server, or NetWare 5.1 or 6 servers running eDirectory version 8.7.3

NDS password only.

NetWare Remote Manager NDS change password running on a NetWare 5.1 or NetWare 6 server

NDS password only.

NetWare Remote Manager simple password management (NetWare 5.1 and 6 only with Native File Access installed)

Simple password only.