User is auto enabled in IM
search cancel

User is auto enabled in IM

book

Article ID: 262207

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

When the user is disabled in IM but enabled in active directory, and you know the password
When you login with the disabled userID and known password the user is auto-enabled in IM.

 

Environment

Release : 14.4

Resolution

If the user is enabled in AD then the IDM user should be enabled during authentication as IDM authentication is dependent on AD where the user is enabled.

Why would we not honor the disabled state, but honor a password expiration from the password policy?


Authentication and Password Policy is two different entities. A password expiration from the password policy is honored after the user gets authenticated, during authorization.