Tech Tip : CA Single Sign-On : SMREASON not set correctly when Administrator Forces user to change Password

Document created by Osarobo_Idehen Employee on Nov 15, 2017
Version 1Show Document
  • View in full screen mode

Issue:


When we use the AdminUI, and we want to force a User to change its

password, the Header smauthreason is not set correctly. When this User

tries to access to a protected resource - smauthreason continues to be

set to 0 instead of 20. Why do we see this behavior and how can we fix

this?

 

This feature works fine with SM PS 12.52 version.

 

All other cases work fine such as User disabled, password is changed successfully



Environment:

 

CA Single Sign-On Policy Server 12.6.01 on Linux RH 7.4 x64 User Store is Active Directory configured as LDAP



Cause:


Defects Fixed in 12.6.02

00474687 - DE250284 - COMPONENT fails to prompt user to change the password though it expired, and accepts the expired login credentials.

 

https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02

 


Resolution:


Upgrading to 12.6 SP02 and enhanced AD integration enabled solved issue

Additional Information:


https://docops.ca.com/ca-single-sign-on/12-6-01/en/release-notes/service-packs/defects-fixed-in-12-6-02

 

 

KD : TEC1887605

Attachments

    Outcomes