Ticket #561 - disable writing unhashed#user#password to changelog
    
    Fix description: unhashed password was introduced to give an
    opportunity to get the unhashed password to plugins.  But it
    is not always needed.  If it is not, it is preferable to
    disable the functionality.
    
    1) Ticket #402 "unhashed#user#password in entry extension"
       switched the way how the unhashed password is stored.
       It used to be put in the attribute list in the entry.
       The patch changed it to store in the entry extension.
       To provide the migration period, it has been stored in
       the both places.  This patch is disabling the old
       attribute list method.
    2) Introducing a config parameter nsslapd-unhashed-pw-switch
       to cn=config.  The parameter takes 3 values:
       on    - unhashed password is stored in the entry extension
               and logged in the changelog.
       nolog - unhashed password is stored in the entry extension
               but not logged in the changelog.
       off   - unhashed password is not stored in the entry extension.
    3) As reported in the ticket #577 "Attribute name unhashed#user
       #password is not valid per RFC 4512", the pseudo attribute
       type is violating the RFC.  Once, disabling to store it in
       the attribute list in the entry, the OID is not needed in
       the schema any more.  Thus, the pseudo attribute type is
       eliminated from the schema.
    
    https://fedorahosted.org/389/ticket/561
    
    Reviewed by Rich (Thank you!!)