ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Password Policy redirect

book

Article ID: 41404

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

INTRODUCTION:

With Siteminder in the picture, when user account status invokes the password services (native or Siteminder password policy), user is redirected to the smpwservices.fcc page by default.

 

QUESTION:

How to redirect user to a customized error page when password services is invoked?

Use case:

1) SiteMinder Password Policy is disabled

2) Active Directory as user directory

3) Defined user directory with LDAP namespace in Siteminder

 

User account status (change password by next login/ user account is disabled) invokes password services and Policy Server redirects user to the default password services page – smpwervices.fcc.

 

ENVIRONMENT:

Policy Server: R12.52 SP1 CR1

Webagent: R12.52 SP1 CR1 on IIS 7.5

 

ANSWER:

If Password Services is invoked and there is no SM password policy configured, set the environment variable NETE_PWSERVICES_REDIRECT at Policy Server, to a relative path for smpwservices.fcc or relative path for customized error page e.g: /siteminderagent/forms/smpwservices.fcc. If the error page is hosted on a specific server, define the full URL e.g: http://support.ca.com/index.asp.

Policy Server will redirect user to the defined page according to the NETE_PWSERVICES_REDIRECT environment variable, if either criteria is fulfilled:

  •  Redirect URL in SM password policy is blank OR
  •   No SM password policy is defined

If SM password policy is configured, specify the error page at the Redirect URL column or clear the column if you want it to default to the value associated with NETE_PWSERVICES_REDIRECT environment variable.

<Please see attached file for image>

PwdPolicy1.PNG

 

NOTES:

If you have SM password policy defined and you are relying on NETE_PWSERVICES_REDIRECT environment variable, Redirect URL needs to be cleared every time before you define/ redefine value for NETE_PWSERVICES_REDIRECT environment variable.

Environment

Release:
Component: SMAPC

Attachments

1558721757064000041404_sktwi1f5rjvs16w70.png get_app