Novell Documentation: Nsure Identity Manager Drivers - Comparison of Password Synchronization 1.0 and Password Synchronization Provided with Identity Manager

Comparison of Password Synchronization 1.0 and Password Synchronization Provided with Identity Manager

	Password Synchronization 1.0	Password Synchronization with Identity Manager 2
Product delivery	A product separate from DirXML.	A feature included with Identity Manager, not sold as a separate product.
Platforms	Active Directory NT Domain	Full bidirectional password synchronization is supported on these platforms: Active Directory eDirectory NIS NT Domain These connected systems support publishing user passwords to Identity Manager. Because Universal Password (and Distribution Password) is reversible, Identity Manager can distribute passwords to connected systems. Any connected system that supports the Subscriber password element can subscribe to passwords from Identity Manager. See "Connected System Support for Password Synchronization" in the Novell Nsure Identity Manager 2 Administration Guide.
Password used in eDirectory	NDS^® Password (non-reversible)	Universal Password (reversible), or Distribution Password (also reversible). The NDS password can also be kept synchronized, if desired. For example scenarios, see "Implementing Password Synchronization" in the Novell Nsure Identity Manager 2 Administration Guide.
Main functionality for Windows connected systems	To send passwords to DirXML so the eDirectory password is synchronized with the Windows password. Because the NDS password is not reversible, passwords were not sent back to NT or AD.	To provide bi-directional password synchronization. Because Universal Password (and Distribution Password) is reversible, passwords can be synchronized in both directions.
LDAP changes	Not supported.	Supported
Novell Client^TM	Required.	Not required.
nadLoginName attribute	Used for keeping passwords updated.	Not used.
The component that contains the password synchronization functionality	The DirXML driver contained the functionality for updating nadLoginName.	Policies in the driver configuration provide the password synchronization functionality. The driver simply carries out the tasks given by the DirXML engine, which come from logic in the policies. The driver manifest, global configuration values, and driver filter settings must also support password synchronization. These are included in the sample driver configurations, or can be added to an existing driver. See Upgrading Existing Driver Configurations to Support Identity Manager Password Synchronization.
Agents	A separate piece of software.	No agents are installed; instead, the functionality is now part of the driver.