CA Identity Manager: Restriction on Create User without a Password
book
Article ID: 110045
calendar_today
Updated On:
Products
CA Identity ManagerCA Identity GovernanceCA Identity Portal
Issue/Introduction
When the Identity Manager password policy is enabled the Create User is giving the following error even though the Password is not a required field.
Create user "UID" in organization "ORG": Failed to execute CreateUserEvent. ERROR MESSAGE: PasswordMessageType::Short Arguments 0 = 7
Environment
All Identity Manager 14.0+ environments
Resolution
In IDM 14.x the product executes the password policies regardless of if a password is provided or required. The password policies aren’t ‘optional’. If enabled then they execute and check the minimum password and unless 7 chars then it will fail. It doesn’t care or take into account the launching task and if the password is optional. If you disable your password policy the product will allow you to create users with no passwords.
Please note that this behavior was different in previous versions of the product, in 12.6.x you could create users that had no passwords even with password policies enabled. This option was removed for security reasons.