How 2008 Password Policy type works with older versions of NMAS

  • Document ID:7013473
  • Creation Date:17-Oct-2013
  • Modified Date:17-Oct-2013
    • Micro Focus Products:
      eDirectory
      Open Enterprise Server

Environment

eDirectory 8.8.8
eDirectory 8.8.7
eDirectory 8.8.6
NMAS 3.3.4.x
NMAS 3.3.3.x

Situation

Microsoft Server 2008 Password Policy type is ignored or not applied
NMAS 3.3.3 and older servers with a replica along with Microsoft Server 2008 Password Policy type enabled
NetWare servers with a replica along with Microsoft Server 2008 Password Policy type enabled

Resolution

If a NetWare server or any server with a version of NMAS older than NMAS 3.3.4  with a replica is accessed when setting the password and when the password policy is set to use the Windows 2008 password policy type, the enforced policy will fall back to the Microsoft Complexity policy type.

To ensure the Windows 2008 password policy type is always used patch the replica servers to a eDirectory 8.8.7/NMAS 3.3.4 or higher.  Remove replicas from NetWare servers.

As the Password Management 3.3.x documentation states:
iManager allows you to create a policy using the Microsoft Server 2008 Password Policy type, regardless of the version of NMAS installed on your server. However, you must have NMAS 3.3.4 or later installed to use this option. If you have a previous version of NMAS installed, the new password policy does not function properly. NMAS 3.3.4 is included with eDirectory 8.8 SP7.