We are deploying SSPR for an eDirectory LDAP. Would the recommendation be to create password policies in SSPR or to use NMAS password policies? The SSPR password policies seem to have as many options as the NMAS ones but with the option to store challenge/response using one-way hash rather than the NMAS 3DES reversible-encryption.
Is SSPR designed to replace the need for NMAS password management as it seems to offer far more options?