NetIQ IDM 4.0.2 AE
Novell IDM 3.5.1


We have issues with some of the users while setting a random password
from within a NULL driver SUBSCRIBER-EVENTRANSFORMATION dirxml POLICY on
the driver.

The issue happens only for few users, not all. The random password
string complies with our password policy settings. Setting the same
password using "Set Unviversal Password " from iManager works.


What is causing that???.. and how to verify the random string does
comply with the password policy from a external tool?

And is it possible to catch this error from the Dirxml policy to notify
first line about it? We are using the Dirxml Set-Password from
within Sub-Etp on the driver.

<do-set-src-password>
<arg-string>
<token-local-variable name="local.sub.etp.randomPassword"/>
</arg-string>
</do-set-src-password>


===============TRACE============================== =====

<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.13.20090903 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify-password class-name="User" dest-dn="user" dest-entry-id=""
event-id="IDM##1#1">
<password><!-- content suppressed --></password>
<operation-data>
<entitlement-impl id="xxxxxxxxxxxxxx"
name="ENT_ADMINPasswordReset" qualified-src-dn="user" src="AF"
src-dn="user" src-entry-id="230813" state="1">{enter Entitlement param
here}</entitlement-impl>
</operation-data>
</modify-password>
</input>
</nds>
[04/02/14 10:54:32.919]:USERAPP-ENT ST: Pumping XDS to eDirectory.
[04/02/14 10:54:32.919]:USERAPP-ENT ST: Performing operation
modify-password for user.
[04/02/14 10:54:32.924]:USERAPP-ENT ST: Modifying password for entry
user.
[04/02/14 10:54:32.938]:USERAPP-ENT ST: Processing returned document.
[04/02/14 10:54:32.938]:USERAPP-ENT ST: Processing operation <status>
for .
[04/02/14 10:54:32.938]:USERAPP-ENT ST:
DirXML Log Event -------------------
Driver: \IDM\DriverSet\USERAPP-ENT
Channel: Subscriber
Status: Error
Message: Code(-9010) An exception occurred:
novell.jclient.JCException: generateKeyPair -222 DSERR_BAD_PASSWORD
[04/02/14 10:54:32.968]:USERAPP-ENT ST: Direct command from policy
result
[04/02/14 10:54:32.969]:USERAPP-ENT ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.13.20090903 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="IDM" level="error"
type="password-set-operation">Code(-9010) An exception occurred:
novell.jclient.JCException: generateKeyPair -222
DSERR_BAD_PASSWORD<operation-data>
<entitlement-impl id="***************************"
name="AdminPasswordReset" qualified-src-dn="user" src="AF" src-dn="user"
src-entry-id="230813" state="1">{enter Entitlement param
here}</entitlement-impl>
</operation-data>
<application>DirXML</application>
<module>USERAPP-ENT</module>
<object-dn></object-dn>
<component>Subscriber</component>
</status>
</output>
</nds>


--
belaie
------------------------------------------------------------------------
belaie's Profile: https://forums.netiq.com/member.php?userid=308
View this thread: https://forums.netiq.com/showthread.php?t=50426