Hi Team,
I have built an Siteminder test environment with AD LDS as the user store connected over SSL. Now if I try to change a user password from WAM UI -> Administration -> Users -> Manage Accounts, it fails with an an exception.
I am not sure if I missed any configuration which leads to this error.
Issue-
WAM UI Error-
SMPS Log-
[1524/3260][Fri Sep 16 2016 10:45:02][SmDsLdapFunctionImpl.cpp:1374][ERROR][sm-Ldap-00880] (SetUserProp) DN: 'CN=testuser4,OU=people,DC=security,DC=com', PropName: 'unicodePwd', PropValue: '****' . Status: Error 19 . Constraint violation
SMAccess log-
[16/Sep/2016:10:45:02 +0530]: Category Admin (100), Event ChangePassword (601),
Username siteminder, SessionId siteminder@6Ap+72blQwMldDTadW7+d0oBvKk=
DirectoryName AD LDS Instance
ObjectName testuser4, ObjectClass , ObjectPath CN=testuser4,OU=people,DC=security,DC=com
Organization security, Role
Description: Modify password
Status: 0393: Failed to change password
ObjectName testuser4, ObjectClass , ObjectPath CN=testuser4,OU=people,DC=security,DC=com
Steps followed to setup AD LDS as user store connection over SSL-
1. Root Certificate and server certificate(2048 bit RSA) are installed in cert8.db
2. AD LDS -> dsmgmt - ADAMDisablePasswordPolicies set to 1
3. NameSpace - LDAP
Directory-> User attribute mapping as-
Apart from these normal settings, do I have to tweak anything other siteminder settings to be able to change unicodePWD attribute?
Please help me.
Thanks & Regards,
Debasish.