I am going to revive this topic since I am the original poster, and I am
still interested in knowing if what I would like to do is actually

I have looked into SSPR as a replacement for an instance of the User
Application in my environment that is only used for password self
service. I set up an instance of SSPR ( and pointed it to a tree
with a copy of my production data set including passwords and forgotten
password challenge responses. This SSPR instance is reading the password
policy and the forgotten password challenge questions from the tree.
However, the challenge responses themselves are not being read. As it
is, the first time a user logs into SSPR, he/she will be forced to
re-answer all the challenge questions. Is that the expected behavior? I
haven't touched the default response storage attribute (pwmResponseSet),
so I know the existing answers are not available to SSPR.

Has anybody connected SSPR to a tree with existing challenge responses
and made existing challenge responses available to SSPR? Is that even
possible? If so, how was that done?

celsolima's Profile: https://forums.netiq.com/member.php?userid=260
View this thread: https://forums.netiq.com/showthread.php?t=53209