I am evaluating CLE 3.8.1 integrated with SSPR 3.2.<latest> integrated
with AD. I am testing with Win8.1 Enterprise.

After install of CLE I can gain access to the Forgotten Password link
and access SSPR in the secure browser. I have enabled web services in
SSPR and allowed login with expired passwords as described in the
prereqs. I am not using the optional CLE tile on the login screen.

However it appears if my "Enable SSPR Configurations" is not working
correctly and I'm curious if there could be an issue with my REST uri.
I'm using the example listed in the documentation, but I just don't have
any way to verify if it is correct.

The primary symptom is that after install, CLE appears to "take over"
the Local or Domain Account Password Sign-In option at Ctl-Alt-Del and
now no user can login. It is as if login has to pass through SSPR first
before being allowed to AD and my SSPR config is not yet correct? Does
that seem accurate?

My REST URI is set to:

I have 3rd party certificate configured and working successfully (ie no
cert prompting) for the forgotten password LINK URL at:

Any suggestions for further troubleshooting? How can I confirm REST

jameswatson3's Profile: https://forums.netiq.com/member.php?userid=565
View this thread: https://forums.netiq.com/showthread.php?t=53509