Were these applications that pre-hashed the SSHA passwords, then sent
the pre-hashed SSHA password to the server, when adding a user or
modifying the password? If so, then it could be that the legacy SSHA
handling was broken.
Here is an example of the Perl code I used to create the password.
<snip>
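my $password = 'thepassword';
use Digest::SHA1;
use MIME::Base64;
# SHA-1 over the password followed by the literal salt string 'salt'
my $ctx = Digest::SHA1->new;
$ctx->add($password);
$ctx->add('salt');
# {SSHA} value is base64(digest . salt); the '' argument suppresses the trailing newline
my $hashedPasswd = '{SSHA}' . encode_base64($ctx->digest . 'salt', '');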
</snip>
i.e., the way not to do it.
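
An added example, not part of the original post: a Python sketch of the {SSHA} layout the Perl snippet above produces (base64 of SHA-1(password + salt) followed by the salt), using a random per-password salt and a verifier that recovers the salt from the stored value. The function names and the 8-byte salt length are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional, Tuple

SHA1_LEN = 20  # SHA-1 digest size in bytes
PREFIX = "{SSHA}"


def make_ssha(password: bytes, salt: Optional[bytes] = None) -> str:
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(8)  # fresh random salt per password (length is an assumption)
    digest = hashlib.sha1(password + salt).digest()
    return PREFIX + base64.b64encode(digest + salt).decode("ascii")


def split_ssha(value: str) -> Tuple[bytes, bytes]:
    """Split a stored {SSHA} value into (digest, salt)."""
    if value[:len(PREFIX)].upper() != PREFIX:  # scheme name compared case-insensitively
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(value[len(PREFIX):], validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("no salt after the 20-byte digest")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def check_ssha(password: bytes, value: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    digest, salt = split_ssha(value)
    candidate = hashlib.sha1(password + salt).digest()
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Constructed sample input: the password and fixed salt from the Perl snippet.
    fixed = make_ssha(b"thepassword", b"salt")
    print("fixed salt :", fixed, "(same value every run)")
    print("random salt:", make_ssha(b"thepassword"))
    print("random salt:", make_ssha(b"thepassword"), "(differs per call)")
    print("verify ok  :", check_ssha(b"thepassword", fixed))
    print("verify bad :", check_ssha(b"wrongpassword", fixed))
```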