Error while Resetting user password
search cancel

Error while Resetting user password

book

Article ID: 194339

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

If user tries to Reset User Password the following error message is displayed in the View Submitted Task.

[LDAP: error code 53 - 0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0 ]; 
nested exception is javax.naming.OperationNotSupportedException:[LDAP: error code 53 - 0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0]

 

In the Provisioning Server log file (etatrans) we have the error message:

ERROR [com.netegrity.crypto.PBESHA1RC2CBCPKCS12PBE5128Handler] (default task-61) org.bouncycastle.util.encoders.DecoderException: unable to decode base64 data: invalid characters encountered in base64 data

Environment

Identity Manager 14.3

Virtual Appliance and On-Premisses versions

Cause

  • The Identity Manager was configured to authenticate with Active Directory, in the Identity Manager Management Console > Environments > <YOUR_ENVIRONMENT> > Advanced Settings > User Console > "Authentication Properties" section, in the Module Properties, the Port was 389 and SSL = FALSE
  • The Active Directory endpoint, Security tab, was set to SSL

 

Resolution

As the Active Directory endpoint was configured to use SSL in the Security tab, we must set the SSL in the "Module Properties" too.

  • In the SERVER field, set the IP or Hostname and the 636 Port, i.e <hostname>:636
  • In the SSL field, change to TRUE
  • Click the Save button twice and double-check if the Active Directory is selected, and Restart Environment button.
  • From Provisioning Server and IM Server machines, run the command below to import the CA certificate to the keystone, and restart Identity Manager service

             keytool -importcert -file <the ca cert file> -keystore $JAVA_HOME/jre/lib/security/cacerts

  • restart im using im_stop / start_im

Additional Information

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/advanced-settings/manage-authentication-module-properties.html