Policy Server Guides › Policy Design Guide › Password Policies › Password Policy Troubleshooting › Incorrect Password Message Does Not Appear

Incorrect Password Message Does Not Appear

Symptom:

When a user submits a password change request that contains an invalid current password, the Password Change Information screen does not open with a message stating that the current password is incorrect. Rather, the Policy Server redirects the user to:

• The login screen without the message if an On-Auth-Reject-Redirect response is not bound to the policy configured with the user directory
• The URL associated with the On-Auth-Reject-Redirect response bound to the policy configured with the user directory

Solution:

Enable the DisallowForceLogin registry key, which is located at HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\PolicyServer.

DisallowForceLogin

Redirects users to the Password Change Information screen to re-enter the current password when the change request contains an invalid current password.

KeyType: REG_DWORD

Value: 0 (disabled) or 1 (enabled)

Default: 0 (disabled)

Note: If you specify a value other than 0 or 1, the key is disabled and the Policy Server will redirect users to the login screen without the invalid current password message.