SMREASON not set correctly when Administrator Forces user to change Password

book

Article ID: 8332

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

When we use the AdminUI, and we want to force a User to change its

password, the Header smauthreason is not set correctly. When this User

tries to access to protected resource - smauthreason continue to be

set to 0 instead of 20. Why do we see this behavior and how can we fix

this ?

 

This feature works fine with SM PS 12.52 version.

 

All other cases work fine such as User disabled, password is changed successfully

 

Cause

Defects Fixed in 12.6.02

00474687 - DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.

 

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02

Environment

CA Single Sign-On Policy Server 12.6.01 on Linux RH 7.4 x64 User Store is Active Directory configured as LDAP

Resolution

Upgrading to 12.6 SP02 and enhanced AD integration enabled solved issue

Additional Information

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02