SmAuthReason not set correctly with 12.6 SP1 Policy Server

Article Id: 76085

Status: Published

Updated On: 11-04-2018 02:53

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

If an administrator forces a user to change password, the SmAuthReason is not set correctly when the user tries to access a protected resource - the SmAuthReason code continues to reflect as 0;

This feature works fine with SM PS 12.52 version.

All other use cases are working fine.

Cause:

Defects Fixed in 12.6.02

DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02

Environment:

CA Single Sign-On PS 12.6.01 on Linux RH 7.4 x64
User Store is Active Directory configured as LDAP with SSL access

Resolution:

Upgrading to 12.6 SP02 and enhanced AD integration enabled solved issue

Additional Information:

DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02