NetIQ eDirectory 8.8 SP8
Novell eDirectory 8.8 SP7
Jarek Gawor's JAVA based LDAP Browser/Editor v.2.8.2 was being used to add attributes to user objects in the tree. Afterwards, the following issues could be seen:
- Challenge\Response questions are not working for these users or returning an Error: -618
- Secret Store not working for these users
- Simple Password issues
- errors in User App
It has also been reported that IDM Entitlement processing rules are affected.
It appears that this particular JAVA based LDAP Browser is either overwriting or corrupting a user's sasLoginConfigurationKey value when any other attribute is added or deleted. There is also a report that the attribute DirXML-EntitlementRef will also be similarly affected should the attribute exist on an object being modified.
The resolution, as this is a third party product, is to use this tool for only browsing the objects in a tree - not to modify them.