When setting up Password Services, it is important that you consider the following:
If you use Password Services with multiple Policy Servers, be sure the time settings on the Policy Server systems are synchronized, to prevent inadvertent disabling of user accounts or pre-mature forced password changes.
Directory Servers such as Netscape LDAP Directory Server allow you to create simple password policies which are evaluated by the directory before SiteMinder policies. If the Directory Server policies are more restrictive than SiteMinder policies, the Directory Server will accept or reject passwords without notifying SiteMinder. SiteMinder will not know that a user is attempting to login and will not provide any of the password management features.
Important! To use Password Policies, you must disable any Directory Server policies or make them less restrictive than the Password Policies.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |