IDM 14.3 integrated with CA SSO 12.8. Some characters in the userid attribute cause issues when logging into IDM.  For example, if userid is: amak<, when reset password, the user no longer able to log in with the user.  In the access gateway trace logs, You will see:

[01/07/2020][11:08:58][14540][3004][1b9e6a28-a3714ecb-0ba41437-324594c1-e8f8bcf5-29][ProxyValve::invoke][The agent Failed to process the request with a returncode of 5Returning internal server error to the client].

Is there a list of characters should NOT allow for userid?

Release : 14.3

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

This was result userid contains space or special characters.

Avoid the following chars as they are part of userID validation rules.

^, %, +, \, ", &, ', {, |, }, <, >, #, \r, \n,[, ],*,/