We're syncing passwords between AD and eDir. What we've noticed is that
if a password in AD is reset to the same password, then it appears that
it does not sync to eDir because attribute optimization takes effect.

This has the side effect of not changing the pwdChangeDate, which then
drives a mismatch between the AD password expire date and the eDir
expire date.

We also compare the AD and eDir change dates to make sure that password
sync is actually working.

The obvious solution is to disable optimization for the
nspmDistributionPassword attribute, except that it is already

Does anyone have any ideas on how to fix this?



