When running a Policy Server, after configuring a Password Policy with
Regular Expression, the Policy Server doesn't change the password and
reports in smaccess.log :
AuthReject myApp [10/Mar/2021:11:03:45 +0100] "UNKNOWN
cn=jsmith,dc=training,dc=com"
"myWebAgent GET /myApp/" []
[22] osRYswIxU2ObJwqyEeUwXAAAAAEAAAQHAAAAIAAAAAA= [] []
The expression is :
^[\x21-\x7EñÑ]{7,20}$
or
^[!-~ñÑ]{7,20}$
and it could be validated successfully on this site :
https://regexr.com/
with the following password :
!$CoDe**
The Password Policy is set with this configuration :
| NO Match | Tag | Regular Expression |
|----------+---------+--------------------|
| | pwregex | ^[\x21-\x7ExA4xA5] |
or
| NO Match | Tag | Regular Expression |
|----------+---------+---------------------------|
| | pwregex | ^[\x21-\x7ExA4xA5]{7,20}$ |
Upgrade Policy Server to 12.8SP6 to solve this issue. Make sure also
that the Regular Expression hasn't mixture of ASCII characters with
Hex representation. Use only ASCII or only HEX representation, but not
both mixted.