search cancel

Password Policy Invalid Regular Expression


Article ID: 243295


Updated On:


CA Identity Manager


We are facing an issue related to IDM Password Policy where a regular expression is not getting saved/configured.

We are trying to save following but getting error as invalid regular expression:

^[][email protected]#$&?:;.(){}[_]*$

Above regular expression was permitted in IDM 12.5 and 12.6 earlier versions.



Release : 14.4

Component : IdentityMinder(Identity Manager)


CA IDM v14.4, tightly integrated with CA SiteMinder v12.8 (12.8.0600.2649). 


Identity Manager and SiteMinder use different regex (regular expression) formats which can reveal occasional differences in allowed expressions.


Siteminder uses two regular expression formats, Henry Spencer Regular Expression and PCRE Format

By default PCRE format is disabled.


Please follow the below instructions to solve the issue.

1) Enable the PCRE format for regular expression, please follow the below doc link for the same, in this section

Support for Regular Expressions in PCRE Format

2) Restart your policy server

3) Flush the Policy Server cache

4) Modify the Password policy regular expression from ^[[email protected]#$&?:;.(){}[_]]*$ to ^[[email protected]#$&?:;.(){}\[_\]]*$, which is accepted by both Identity Manager Regular Expression and Siteminder Regular Expressions Patterns


With above changes I was successfully able to configure Passw0r& password.