The is used to ensure that clear-text passwords contained in LDIF entries are properly encoded before they are stored in the appropriate Directory Server backend. ds-cfg-password-policy-import-plugin ds-cfg-plugin org.opends.server.plugins.PasswordPolicyImportPlugin ldifimport false Specifies the names of the password storage schemes that will be used for encoding passwords contained in attributes with the user password syntax for entries that do not include the ds-pwp-password-policy-dn attribute to specify which password policy should be used to govern them. If the default password policy uses the attribute with the user password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode user password values using the "SSHA" scheme. ds-cfg-default-user-password-storage-scheme Specifies the names of password storage schemes that will be used for encoding passwords contained in attributes with the auth password syntax for entries that do not include the ds-pwp-password-policy-dn attribute to specify which password policy should be used to govern them. If the default password policy uses an attribute with the auth password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode auth password values using the "SHA1" scheme. ds-cfg-default-auth-password-storage-scheme