If the hashing algorithm has changed in CA Directory, will it affect Users?
book
Article ID: 104911
calendar_today
Updated On:
Products
DIRECTORY
Issue/Introduction
Users were successfully migrated from OID to CA Directory. Oracle Internet Directory uses SHA-1 hashing algorithm and CA Directory uses SSHA-512 by default. For the purpose of migration the hashing algorithm in Direcotry was changesd to be SHA-1. If the hashing algorithm has changed in CA Directory, will it affect Users?
Environment
Release: Component: ETRDIR
Resolution
Once you have loaded your data from OID to Directory, then you can change the password storage back to SSHA-512 and restart the DSA. This will not affect the existing passwords. But every time a user changes their password, it will be hashed in SSHA-512. The existing users will not be affected.
Additional Information
See the communities post here for more details: CA Directory Convert Passwords Already in a DSA to a New Encryption Method - https://communities.ca.com/thread/119859393