Environment
NetIQ eDirectory 8.8 SP8
Novell eDirectory 8.8 SP7
Situation
Jarek Gawor's JAVA based LDAP Browser/Editor v.2.8.2 was being used to add attributes to user objects in the tree. Afterwards, the following issues could be seen:
- Challenge\Response questions are not working for these users or returning an Error: -618
- Secret Store not working for these users
- Simple Password issues
- errors in User App
It has also been reported that IDM Entitlement processing rules are affected.
Resolution
It appears that this particular JAVA based LDAP Browser is either overwriting or corrupting a user's sasLoginConfigurationKey value when any other attribute is added or deleted. There is also a report that the attribute DirXML-EntitlementRef will also be similarly affected should the attribute exist on an object being modified.
The resolution, as this is a third party product, is to use this tool for only browsing the objects in a tree - not to modify them.