AFP on Linux uses Universal Password as the authentication mechanism instead of the Simple Password authentication mechanism on NetWare. During migration from NetWare to Linux, the simple passwords on the NetWare system are synchronized to the Universal Password, so that the user can authenticate seamlessly to the AFP service on the Linux server.
This feature is restricted based on the following conditions:
The first-time login by the user should use the Diffie Hellman Exchange or clear-text authentication methods. The automatic password synchronization does not happen if the user authenticates by using the Random Exchange or Two-way Random Exchange method of authentication.
When the Diffie Hellman Exchange or clear-text authentication methods are used, the eDirectory service (ndsd) should be started with the environment variable NDSD_TRY_NDSLOGIN_FIRST set to TRUE.
If the above conditions are not met, all the users with Simple Passwords are required to manually authenticate to the AFP server on NetWare after they are enabled for Universal Password, in order to trigger the password synchronization to Universal Password.