When we use the AdminUI, and we want to force a User to change its
password, the Header smauthreason is not set correctly. When this User
tries to access to a protected resource - smauthreason continues to be
set to 0 instead of 20. Why do we see this behavior and how can we fix
This feature works fine with SM PS 12.52 version.
All other cases work fine such as User disabled, password is changed successfully
CA Single Sign-On Policy Server 12.6.01 on Linux RH 7.4 x64 User Store is Active Directory configured as LDAP
Defects Fixed in 12.6.02
00474687 - DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.
Upgrading to 12.6 SP02 and enhanced AD integration enabled solved issue