If the hashing algorithm has changed in CA Directory, will it affect Users?

book

Article ID: 104911

calendar_today

Updated On:

Products

DIRECTORY

Issue/Introduction



Users were successfully migrated from OID to CA Directory.  Oracle Internet Directory uses SHA-1 hashing algorithm and CA Directory uses SSHA-512 by default. For the purpose of migration the hashing algorithm in Direcotry was changesd to be SHA-1. 
If the hashing algorithm has changed in CA Directory, will it affect Users?

Environment

Release:
Component: ETRDIR

Resolution

Once you have loaded your data from OID to Directory, then you can change the password storage back to SSHA-512 and restart the DSA. This will not affect the existing passwords. But every time a user changes their password, it will be hashed in SSHA-512. The existing users will not be affected. 

Additional Information

See the communities post here for more details: CA Directory Convert Passwords Already in a DSA to a New Encryption Method - https://communities.ca.com/thread/119859393