search cancel

SMREASON not set correctly when Administrator Forces user to change Password

book

Article ID: 8332

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

When we use the AdminUI, and we want to force a User to change its

password, the Header smauthreason is not set correctly. When this User

tries to access to protected resource - smauthreason continue to be

set to 0 instead of 20. Why do we see this behavior and how can we fix

this ?

 

This feature works fine with SM PS 12.52 version.

 

All other cases work fine such as User disabled, password is changed successfully

 

Environment

CA Single Sign-On Policy Server 12.6.01 on Linux RH 7.4 x64 User Store is Active Directory configured as LDAP

Cause

Defects Fixed in 12.6.02

00474687 - DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.

 

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02

Resolution

Upgrading to 12.6 SP02 and enhanced AD integration enabled solved issue

Additional Information

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02