IdentityMinder directory (Legacy_Onyx KB Id: 220295)

Document ID : KB000055084
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

When a user directory is configured for IdentityMinder, there is an attribute "Disable Flag(RW)", which may hold different values.

I understand

0 - means enabled
1 - means disabled

2 - means user locked due to too many login attempts with wrong password

16777216 - means user enabled but must change password

16777218 - means user locked due to too many login attempts with wrong password and must change password

Are they correct? Any more possible values?


Solution:

The above values are correct. Did you install the Siteminder Dev. Kit when installing Siteminder ?
The comprehensive list of these values are listed in the SmApi.h (SiteMinder/SDK/include).
In any case, here they are :

State = Hex = Decimal
--------------------------
Sm_Api_Disabled_AdminDisabled = 0x00000001 = 1
Sm_Api_Disabled_MaxLoginFail = 0x00000002 = 2
Sm_Api_Disabled_Inactivity = 0x00000004 = 4
Sm_Api_Disabled_PWExpired = 0x00000008 = 8
Sm_Api_Disabled_PWMustChange = 0x01000000 = 16777216

Sm_Api_Disabled_AdminDisabled | Sm_Api_Disabled_PWMustChange = 0x01000001 = 16777217
Sm_Api_Disabled_MaxLoginFail | Sm_Api_Disabled_PWMustChange = 0x01000002 = 16777218
Sm_Api_Disabled_Inactivity | Sm_Api_Disabled_PWMustChange = 0x01000004 = 16777220
Sm_Api_Disabled_PWExpired | Sm_Api_Disabled_PWMustChange = 0x01000008 = 16777224