When migrating users from the Legacy LDAP system to the CA Directory LDAP User Directory to work with the Policy Server.

The Legacy LDAP system has a logic to get passwords in plain text.

How to hash the passwords before importing them into the CA Directory LDAP User Directory?

Policy Server doesn't handle the hashing of the password; the CA Directory LDAP Store does handle it.

The only data Policy Server encrypts the password blob (1).

Run the ldapsearch command line on the Policy Server to bind the user, and see if the command is successful or not after having imported the users with their passwords in the new User Store:

 # ldapsearch "-b <base_dn>" -x "-D <user_dn>" -w <password> -h <ldapserver_ip:port> -s sub '<users_attribute>'

To illustrate:

# ldapsearch "-b cn=Users,dc=example,dc=com" -x "-D cn=<Username>,cn=Users,dc=example,dc=com" -w <Password> -h <IP>:<Port> -s sub 'cn=<Username>'

1. Password Data blob when migrating User Directory data to a new store