search cancel

User password hash migration Legacy LDAP to CA Directory - Siteminder


Article ID: 256365


Updated On:





When migrating users from the Legacy LDAP system to the CA Directory LDAP User Directory to work with Policy Server.

The Legacy LDAP system has a logic to get passwords in plain text.

How to hash the passwords before importing them into the CA Directory LDAP User Directory?




Policy Server doesn't handle the hashing of the password; the CA Directory LDAP Store does handle it.

The only data Policy Server encrypts the password blob (1).

Run the ldapsearch command line on the Policy Server to bind the user, and see if the command is successful or not after having imported the users with their passwords in the new User Store:

  # ldapsearch "-b base_dn" -x "-D user_dn" -w password -h ldapserver_ip:port -s sub 'users_attribute'


  # ldapsearch "-b cn=Users,dc=training,dc=com" -x "-D cn=jsmith,cn=Users,dc=training,dc=com" -w [email protected] -h -s sub 'cn=jsmith'


Additional Information



    Password Data blob when migrating User Directory data to a new store