Environment
Situation
An administrator decides to implement Universal Passwords across the tree and does not want NDS passwords to work. In the UP policy the admin can configure it such that it removes NDS password. Adding another server to the tree fails with error "ERROR -669: Unable to login - Authentication failed" even though the password provided is correct.
Resolution
This may fail because ndsconfig uses a server side login which uses the NDS login by default. NDS login fails because the NDS password is no longer valid per the defined policy.
Steps:
1. Add the following in the pre_ndsd_start script located in /opt/novell/eDirectory/sbin (formerly located in /etc/init.d):
NDSD_TRY_NMASLOGIN_FIRST=true
export NDSD_TRY_NMASLOGIN_FIRST
2. Retry running `ndsconfig add` to create the new eDirectory instance.