Okay so I think I've run into yet another bug or scenario that NetIQ
didn't test.

If you use the RBPM Change Password for the EXPIRED password servlet in
NAM, it seems that the force logout features (as per the docs) logs you
out of RBPM before you can be taken to the Challenge/Response questions
that you are forced to answer via the NMAS UP/ForgottenPassword Policy.

The end result is that the users are never then forced/prompted to
answer those and then they can't use their Forgotten Password.

Any ideas on how to fix?

I can open SR's, but given that it took like 3 months last time I'm not
sure I have the patience or that long to get a resolution this time.

kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=47099