How to configure Identity Manager to use your Web UI password policy


Article ID: 33657


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



There are three places where settings must be configured to ensure that IDM password policies will be evaluated. What the first step does is tells the password sync agent that the Identity Manager system is going to handle password policies. Step two shuts off Provisioning Manager’s password policy handling. Finally, step three tells the system that the IDM UI password policy is the policy to use.


  1. On the system that has Password Sync Agent installed, go to the following path: C:\Program Files\CA\eTrust Admin Password Sync Agent\data

        Note: this is the default installation path


    1. Open the file eta_pwdsync.conf using an editor program such as notepad
    2. Search for the following text: profile_enabled
    3. Set the profile_enabled variable to yes

<Please see attached file for image>


2. In Provisioning Manager go to System => Password Profile and ensure that the option for Enable password quality controls is turned off.

<Please see attached file for image>


3. In Provisioning Manager go to System => Domain Configuration => Identity Manager Server => Use External Password Policies and ensure that the value is set to yes.

<Please see attached file for image>



Release: CAIDMB99000-12.6.7-Identity Manager-B to B


1558699574118000033657_sktwi1f5rjvs16opy.jpeg get_app
1558699572433000033657_sktwi1f5rjvs16opx.jpeg get_app
1558699570401000033657_sktwi1f5rjvs16opw.png get_app