Expired AD User password redirect customm fcc

Document ID : KB000047621
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue: 

Active Directory Users with expired password are being redirected to the out of the box smpwservices.fcc instead of our custom .fcc while being redirected to change their password.

We have configured Enhanced Active Directory Integration which means that AD is handling the password policy, and so we cannot define the redirection URL in Siteminder Password Policy

Environment:  

Siteminder 12.52 SP1

Cause: 

If Password Services is invoked and there is no password policy configured, the CA Single Sign-On Administrator at the Policy Server should set the environment variable

NETE_PWSERVICES_REDIRECT to a relative path for smpwservices.fcc.

Resolution/Workaround:

1. If Password Services is invoked and there is no password policy configured, the CA Single Sign-On Administrator at the Policy Server should set the environment variable

NETE_PWSERVICES_REDIRECT to a relative path for smpwservices.fcc.

The path is:

/siteminderagent/forms/smpwservices.fcc

You will have to set the above environment variable to point to the custom .fcc

2. Then restart your Policy server

 

Additional Information:

 

https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/configuring/web-agent-configuration/agents-and-password-services