ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

AD Old Password Still Accepted


Article ID: 4887


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We have recently implemented a change password mechanism using smpwservices.fcc for a new application. It is working as expected and if I logoff and logon with new credentials everything seem to work fine.

The problem is that (for a certain period of time) I'm able to login with old credentials too. Why is this possible? Is it a caching issue? How can I force Siteminder to accept only the new credentials?


This is expected as AD will keep old password valid for some time:


Component: SMPLC


Product is working as designed.

Delay is in 'new password' propagation in AD infrastructure