I am hoping someone out there has worked with Netegrity's Password Policies.
I opened up a ticket and haven't heard from Netegrity yet. ( I kind of
doubt I will, there are similar tickets opened with NO SOLUTION PROVIDED as
the response.)
My question is as follows:
I have enabled a policy to expire passwords after 30 days and to allow 5
days notification for the user to change the password prior to
expiration. After expiration, user is disabled.
When I set the policy up. It flags all of the users that their passwords
have expired. I am allowed to login once. There is a cgi script
(smpwservicescgi.exe), that is supposed to pop up a warning or form. From
the logs, siteminder does not call up the CGI script. After the initial
login, The account is then disabled.
If anyone has any clues, I would really appreciate it.
Configurations:
Policy Server
Solaris 2.6
Netegrity (Siteminder) version 4.6.1SP2
IPLANET LDAP 4.1.3
Webagent
REDHAT 7.1
Apache 1.3.19 SSL
(Mod_jk configured as applications are running on jboss/tomcat)
Siteminder cgi settings in httpd.conf (on Webagent)
httpd.conf
Aliasing for cgi scripts for netegrity. (I can run cgi's from this directory)
Alias /siteminderagent/ "/cust/webagent/samples/"
Alias /siteminderagent/nocert/ "/cust/webagent/"
Alias /sitemindercgi/ "/cust/webagent/samples/pwcgi/"
ScriptAlias /pwcgi/ "/cust/webagent/samples/pwcgi/"
ScriptAlias /sitemindercgi/ "/cust/webagent/samples/pwcgi/"
<Directory "/cust/webagent/samples/pwcgi">
AllowOverride None
Options Indexes MultiViews ExecCGI
Order allow,deny
Allow from all
</Directory>
AddHandler cgi-script .exe
---
Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'.
Mail administrative requests to `[EMAIL PROTECTED]'.
