INTRODUCTION:
With Siteminder in the picture, when user account status invokes the password services (native or Siteminder password policy), user is redirected to the smpwservices.fcc page by default.
QUESTION:
How to redirect user to a customized error page when password services is invoked?
Use case:
1) SiteMinder Password Policy is disabled
2) Active Directory as user directory
3) Defined user directory with LDAP namespace in Siteminder
User account status (change password by next login/ user account is disabled) invokes password services and Policy Server redirects user to the default password services page – smpwervices.fcc.
ENVIRONMENT:
Policy Server: R12.52 SP1 CR1
Webagent: R12.52 SP1 CR1 on IIS 7.5
ANSWER:
If Password Services is invoked and there is no SM password policy configured, set the environment variable NETE_PWSERVICES_REDIRECT at Policy Server, to a relative path for smpwservices.fcc or relative path for customized error page e.g: /siteminderagent/forms/smpwservices.fcc. If the error page is hosted on a specific server, define the full URL e.g: http://support.ca.com/index.asp.
Policy Server will redirect user to the defined page according to the NETE_PWSERVICES_REDIRECT environment variable, if either criteria is fulfilled:
If SM password policy is configured, specify the error page at the Redirect URL column or clear the column if you want it to default to the value associated with NETE_PWSERVICES_REDIRECT environment variable.
<Please see attached file for image>
NOTES:
If you have SM password policy defined and you are relying on NETE_PWSERVICES_REDIRECT environment variable, Redirect URL needs to be cleared every time before you define/ redefine value for NETE_PWSERVICES_REDIRECT environment variable.