IBM Support

IZ76791: ROUTE OF IZ73806 - 37147 - CASE MISMATCH IN ITIM FUNCTIONALITY OF TENANT ID OR LDAP ROOT SUFFIX MAY CAUSE PROBLEMS

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as documentation error.

Error description

  • **********************************************
    **********************************************
    Title:
    Case mismatch of Tenant Id or LDAP Root suffix may cause
    problems in ITIM functionality
    
    Problem Description:
    Case mismatch of Tenant Id or LDAP Root suffix may cause
    problems in ITIM functionality.
    
    
    The password change process was failed when it was invoked by
    API with case mismatched tenant ID.
    Following error was recorded in the PwdSync.log, but this error
    should not be happened because the request was invoked from ITIM
    itself.
    
    Response: <SYNCH_PSWDS_RESP code="failure" desc="CTGIME012E The
    password does not meet the requirements of the password rule.
    The following error occurred.
    Error: CTGIMH020E The new password cannot be the same as any
    previously used passwords. "
    
    Can Customer Recreate: Yee
    
    ITIM Server Version - 5.0 (5.0.6 on L2)
    Agent Version - ADadapter 5.0.6 and ADPwdSync 5.0.1004
    
    Server Environment
    
    Single server OR Cluster server: Single
    
    Operating System   : Windows 2003 R2 (AIX5.3 on L2)
    
    Agent Environment
    Operating System : Windows 2003 R2
    
    Desired Behavior:
    Documantation is needed.
    
    Steps to Duplicate:
    1. Configure password synch plugin of AD and enable server side
    recurssion control
      in enRole.properties
      enrole.passwordsynch.enabledonresource=true
    
    2. Configure password history.
    
    3. Add following code into SynchPassword.java and compile it
    
      if (tenantId.equals(tenantId.toLowerCase()))
        tenantId = tenantId.toUpperCase();
      else
        tenantId = tenantId.toLowerCase();
    
    4. Change password using synchPassword script/batch
    
    **********************************************
    **********************************************
    

Local fix

  • Match the case of Tenant Id
    

Problem summary

  • Users affected:
    Customers inadvertanly changing case for tenant id.
    

Problem conclusion

  • This fix for this APAR is contained in the
    following maintenance packages:
    | Fixpack | 5.1.0.3-TIV-TIM-FP0003
    

Temporary fix

Comments

APAR Information

  • APAR number

    IZ76791

  • Reported component name

    IBM TIV IDENT M

  • Reported component ID

    5724C3405

  • Reported release

    510

  • Status

    CLOSED DOC

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-06-02

  • Closed date

    2010-06-28

  • Last modified date

    2010-06-28

  • APAR is sysrouted FROM one or more of the following:

    IZ73806

  • APAR is sysrouted TO one or more of the following:

Fix information

Applicable component levels

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRMWJ","label":"IBM Security Identity Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
28 June 2010