ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Password Services :: Wrong Password Management

book

Article ID: 50011

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

I have configured Password Services, and it seems that when a user enters the wrong current password during password change process user is redirected with smauthreason 20 instead of 22. User does not get the message that the current password is incorrect.

How can I fix it?

Solution:

In order to get the right messages, you need to Add/Modify this registry setting in the Policy Server:
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\PolicyServer\DisallowForceLogin 0x1; REG_DWORD

And stop/start the Policy Server

Now during the Password Change process:

  1. If the user enters a wrong current password, the smauthreason will be 22 and the message will say wrong current password;

  2. If the user uses the correct current password but the new password doesn't respect the Password Policies, the smauthreason will always be 22 and the message will say bad new password.

Environment

Release:
Component: SMSDK