search cancel

Error: Password Policies are not supported

book

Article ID: 113226

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

After enabling Siteminder/SSO integration, Identity Manager is restarted and the system log shows this error:

ERROR [ims.default] (default task-42) Password Policies are not supported. No %PASSWORD_DATA% attribute has been configured.

This is also reflected in the Password Policy Management UI but with additional instruction, stating a need for configuration in the “SiteMinder user directory”

 Error: Password Policies are not supported. A Password Data attribute must be configured on the SiteMinder user directory to support password policies.

 

Cause

Identity Manager and Siteminder objects are not synchronized.
The problem exists at the XPS data layer in SiteMinder (SSO).
This usually occurs when the directory.xml is imported before the SSO-IM integration is completed.

Environment

Release:
Component: IDSVA

Resolution

Synchronize the user directory objects between Identity Manager and SSO\SiteMinder by clearing out the Identity Manager Environment (IME) and directory, and then recreate them:

>Make sure you have a backup of the user directory.xml and Environment.zip with its xml files.
>Delete the directory and environment via the IM management console.
>In the SM WAMUI verify all IM environment and directory objects are deleted. Delete any IME or directory objects that still exist. You can delete those that are marked "Created by IDM---Do not delete."
>Use XPSXplorer to remove any remaining XPS objects related to the target environment and directory.
>Make sure all SM-IM integration steps have been completed.
>In IDM management console, Create the directory using the desired directory.xml.
>In IDM management console create the environment using the environment.zip.