7.0 Synchronizing Passwords

The following list contains information that is specific to setting up password synchronization with the bidirectional eDirectory driver. Use it to supplement the information in the NetIQ Identity Manager Password Management Guide.

Universal Password is the standard method to synchronize passwords with Identity Manager. Ensure that the Password policy has Universal Password enabled for synchronizing passwords with Identity Manager. The bidirectional eDirectory driver’s configuration policies and filters in the basic configuration file are set up to support the Universal Password method.

To synchronize Universal Password (UP) values from a read-only replica on the Publisher channel, ensure that the following mandatory attributes are enabled in the filter for the User object:

  • CN

  • Surname

  • nspmDistributionPassword

  • nspmPasswordKey
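
The following added example, which is not part of the NetIQ documentation or the driver, checks an exported driver filter for the four attributes listed above. It assumes the DirXML filter XML layout (filter-class and filter-attr elements carrying a publisher attribute) and treats only publisher="sync" as enabled; the sample filter and the function name audit_publisher_filter are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attributes the page lists as mandatory on the Publisher channel filter.
REQUIRED = ("CN", "Surname", "nspmDistributionPassword", "nspmPasswordKey")

# Constructed sample export (assumed DirXML filter layout, not taken from the page).
SAMPLE_FILTER = """\
<filter>
  <filter-class class-name="User" publisher="sync" subscriber="sync">
    <filter-attr attr-name="CN" publisher="sync" subscriber="sync"/>
    <filter-attr attr-name="Surname" publisher="sync" subscriber="sync"/>
    <filter-attr attr-name="nspmDistributionPassword" publisher="ignore" subscriber="sync"/>
    <filter-attr attr-name="Given Name" publisher="sync" subscriber="sync"/>
  </filter-class>
</filter>
"""

def audit_publisher_filter(filter_xml, class_name="User"):
    """Return {attribute: problem} for every required attribute that is
    not set to synchronize on the Publisher channel. Empty dict = pass."""
    root = ET.fromstring(filter_xml)
    # eDirectory schema names are case-insensitive, so compare lowercased.
    cls = next((c for c in root.iter("filter-class")
                if (c.get("class-name") or "").lower() == class_name.lower()), None)
    if cls is None:
        return {name: "class missing from filter" for name in REQUIRED}
    state = {(a.get("attr-name") or "").lower(): a.get("publisher", "unset")
             for a in cls.iter("filter-attr")}
    problems = {}
    for name in REQUIRED:
        value = state.get(name.lower())
        if value is None:
            problems[name] = "attribute missing from filter"
        elif value != "sync":  # assumption: only "sync" counts as enabled
            problems[name] = f"publisher={value}"
    return problems

if __name__ == "__main__":
    for attr, problem in audit_publisher_filter(SAMPLE_FILTER).items():
        print(f"{attr}: {problem}")
```

An empty result means all four attributes are present and set to synchronize on the Publisher channel for the User class.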

To synchronize the NDS password between the Identity Vault and the connected eDirectory by using the bidirectional eDirectory driver, in the Driver Configuration section, set the Password Sync Type to NDS password.

Password transfer over a clear-text connection is disabled by default; passwords are transferred over a secure connection only. You can change this default by setting the Allow password on clear-text connection driver configuration parameter to True. However, this configuration is not recommended, because passwords would then cross the connection unencrypted.