Disabled users in Active Directory are being authorized to access protected resources on Policy Server

search cancel

Disabled users in Active Directory are being authorized to access protected resources on Policy Server

book

Article ID: 366816

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign-On

Issue/Introduction

Users in an Active Directory user store can be successfully authenticated and granted access to protected resources when their password has expired in Active Directory under specific conditions.

Environment

Policy Server 12.8.8 and 12.8.8.1;
USER DIRECTORY on Microsoft Active Directory.

Resolution

Upgrade the Policy Server to 12.9 to solve this issue from fix DE593751 (1).

As a workaround, define the user directory at the Active Directory LDAP Root level.

Additional Information

Defects Fixed in 12.9

Feedback

thumb_up Yes

thumb_down No