Passwords and password hints are lost when users are modified with the LDAP Browser 2.8.2

  • 7014742
  • 14-Mar-2014
  • 14-Mar-2014


NetIQ eDirectory 8.8 SP8
Novell eDirectory 8.8 SP7


Jarek Gawor's JAVA based LDAP Browser/Editor v.2.8.2 was being used to add attributes to user objects in the tree.  Afterwards, the following issues could be seen:
- Challenge\Response questions are not working for these users or returning an Error: -618
- Secret Store not working for these users
- Simple Password issues
- errors in User App
It has also been reported that IDM Entitlement processing rules are affected.


It appears that this particular JAVA based LDAP Browser is either overwriting or corrupting a user's sasLoginConfigurationKey value when any other attribute is added or deleted.  There is also a report that the attribute DirXML-EntitlementRef will also be similarly affected should the attribute exist on an object being modified.
The resolution, as this is a third party product, is to use this tool for only browsing the objects in a tree - not to modify them.