search cancel

Can we use any other attribute as password attribute other than "UserPassword" for authentication with SunOne Directory Server?


Article ID: 54029


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



In some cases instead of UserPassword, another LDAP attribute is used to store the user's password.

Is there a way to change this attribute or policy server will always use UserPassword attribute for password check in LDAP(any type of ldap)?


No it is not possible. SiteMinder does not compare the values in attributes for authentication but uses the bind call with the user credentials to bind (login) to the LDAP store. If the bind (login) is successfull then user is authenicated.

SiteMinder do not match the password with a value and therefore the attribute can not be changed as the LDAP standard defined the storage and behavior of the bind call.

It is also recommended that you would also not wish to do this as the other attributes in the store are stored in clear text.


Component: SMPLC