Directory entries can contain user password attributes that are used to authenticate the user to the directory. By default, the values of such attributes are stored in a protected format, identified by the keyword {sunds} in the server configuration file. The encryption algorithm permits the use of the CRAM-MD5 authentication mechanism.
You can also encrypt user passwords using the crypt(3) encryption algorithm, which is the algorithm commonly applied to passwords stored in the /etc/passwd file. This algorithm is incompatible with the CRAM-MD5 authentication mechanism. This encryption method is identified by the keyword {crypt} in the server configuration file.
See "Configuring Security" for details of how to specify whether or not passwords are stored in an encrypted format.