Password Data blob when migrating User Directory data to a new store
search cancel

Password Data blob when migrating User Directory data to a new store


Article ID: 16191


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER



When planning to migrate users from the current User Directory to a new one, currently the environment uses this User Directory for Password Services (1). As part of the migration, the user password attributes (including the disabled flag, and password blob) will be migrated to the new store. Then, the User Directory on the AdminUI settings will be changed to use the new one.

When doing this, could the password data attribute be lost? Could this cause any impact on losing the encrypted data from the password attributes?




As there are not going to be any other changes rather than the User Directory itself, and the user structure and content will be maintained, there will not be any problem, as the password blob is still stored (and moved) so the Policy Server it is the same one using the same session key to decrypt the password blob (2). So as long as the password data attribute containing the blob is maintained in the new User Directory, the Policy Server will be able to decrypt it when needed again.


Additional Information



    Configure a LDAP User Store connection - Password Data


    Password policy data consideration when Upgrading Siteminder