Error: Password Policies are not supported

Document ID : KB000113226
Last Modified Date : 06/09/2018
Show Technical Document Details
Issue:
After enabling Siteminder/SSO integration, Identity Manager is restarted and the system log shows this error:

ERROR [ims.default] (default task-42) Password Policies are not supported. No %PASSWORD_DATA% attribute has been configured.

This is also reflected in the Password Policy Management UI but with additional instruction, stating a need for configuration in the “SiteMinder user directory”

 Error: Password Policies are not supported. A Password Data attribute must be configured on the SiteMinder user directory to support password policies.

 
Cause:
Identity Manager and Siteminder objects are not synchronized.
The problem exists at the XPS data layer in SiteMinder (SSO).
This usually occurs when the directory.xml is imported before the SSO-IM integration is completed.
Resolution:
Synchronize the user directory objects between Identity Manager and SSO\SiteMinder by clearing out the Identity Manager Environment (IME) and directory, and then recreate them:

>Make sure you have a backup of the user directory.xml and Environment.zip with its xml files.
>Delete the directory and environment via the IM management console.
>In the SM WAMUI verify all IM environment and directory objects are deleted. Delete any IME or directory objects that still exist. You can delete those that are marked "Created by IDM---Do not delete."
>Use XPSXplorer to remove any remaining XPS objects related to the target environment and directory.
>Make sure all SM-IM integration steps have been completed.
>In IDM management console, Create the directory using the desired directory.xml.
>In IDM management console create the environment using the environment.zip.