In general, you should always pass the clear text password to the
directory server, and let it hash it and compare it. This also allows
you to use the password policy features of the directory server (e.g.
password syntax checking does not work with pre-hashed passwords).
Were these applications that pre-hashed the SSHA passwords, then
the pre-hashed SSHA password to the server, when adding a user or
modifying the password? If so, then it could be that the legacy SSHA
handling was broken.
They were pre-hashed, and sent in the pre-hash format to the add and modify