Import the user objects with simple password and then enable universal password for the container where the user objects are imported. Stop the DS server and set the environment as NDSD_TRY_NMASLOGIN_FIRST=true and then start DS Server. When you do an ldapsearch for the user objects, which were imported with simple password, you get the following error:
ldap_bind: Unknown error, additional info: NDS error: system failure (-632)
To resolve this issue, set the default login sequence as simple password for the container where user objects are imported before doing ldapsearch for those user objects.
When LDAP requests NMAS to log in a user, NMAS uses the default login sequence. If you do not specify a default login sequence for these users, then it will use the NDS sequence. If these users are not given an NDS password when you imported them, then the NDS sequence will not work. If you enable universal password, then the simple password will be synchronized with the NDS password and universal password when the user logs in with the simple password.