CA Identity Manager: Restriction on Create User without a Password


Article ID: 110045


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal


When the Identity Manager password policy is enabled the Create User is giving the following error even though the Password is not a required field.

Create user "UID" in organization "ORG": Failed to execute CreateUserEvent. ERROR MESSAGE: PasswordMessageType::Short Arguments 0 = 7 


All Identity Manager 14.0+ environments 


In IDM 14.x the product executes the password policies regardless of if a password is provided or required. The password policies aren’t ‘optional’. If enabled then they execute and check the minimum password and unless 7 chars then it will fail. It doesn’t care or take into account the launching task and if the password is optional. If you disable your password policy the product will allow you to create users with no passwords. 

Please note that this behavior was different in previous versions of the product, in 12.6.x you could create users that had no passwords even with password policies enabled. This option was removed for security reasons.