MyTechReference - Technical Notes

MyTechReference


by IDAMGroup

CA Siteminder Change Password

How to configure Change Password using Siteminder Policy Server

This post will guide you to configure Siteminder Policy Server for “change password”  use case. This is a straight forward setup.

Version: CA Siteminder r12.51

Three steps to complete this setup

  1. Adding password attributes in the Policy Server configuration user store
  2. Create Password Policy in the Policy Server
  3. Add the change password URL in the HTML page

Adding password attributes in the policy server user store configuration

In the Siteminder policy server Admin console add two attributes in the User Store configuration

Infrastructure–> Directory–> User directory

 

mytechref_348

Password (RW)   

           Your actual password attribute for the user store. In my case i am using Novell eDirectory and its password attribute is “userPassword”

Password Data (RW)

          Is where your old passwords will be stored (history of password). I have created a new attribute “testsm” in Novell eDirectory.

 Create Password Policy

Policies-> Password–> Password Policies

Create new Password policy

In the User Directory Information , select the user Directory where you added the two attributes “Password” and “Password Data

Then select “Password policy applies to part of the directory  and select the container.  In my case all my users are under “ou=users” container

mytechref_350

 

Submit the changes

Add the Change Password URL

Edit your login page or main page and add the below URL

http://<domainname>/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=34&SMAGENTNAME=&TARGET=<target URL >

example

<a href=”http://webone.mysitea.com:82/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=34&SMAGENTNAME=webone_agent&TARGET=http://webone.mysitea.com:82/finance/index.html”>Change Password</font></a>

Note: SMAUTHREASON 34 for Password Change

Once you click this Change password link you will be redirect to the smpwservices.fcc page

 

mytechref_351

Enter the current user name and old and new password to successfully change the password.

Note: If you have password policy configured in user directory, the Password Policy in the Policy server should be stronger than the password policy in the User Directory.

---------------------------------------------------------------------------------------------------------------------------------------------

Disclaimer: Content posted here worked for me and may not guarantee success, should be used as reference only and please use it cautiously.