Hello guys
Happy to join the group and will try to share my experience here.
I deployed PWM in an on-premise offline cluster with a PVC and an external DB.
Access to the GUI is OK, and the LDAPS configuration also.
I configured the software and enabled password reset and user creation, but in both cases I have an issue when validating the form:
com.novell.ldapchai.exception.ChaiPasswordPolicyException: javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 0000052D: AtrErr: DSID-03191080, #1:
0: 0000052D: DSID-03191080, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)
]) }
So I checked the basics:
- Permissions:
  - my admin user has full user permission on the OU that hosts new users
  - it has permissions to create users and read/write attributes on all User objects in the OU
- Password complexity:
  - tried first with merge
  - finally edited the default policy to match the LDAP rules + 1 character
I finally tried to update unicodePwd manually using PowerShell with:
Set-ADAccountPassword -Identity $userDN -NewPassword (ConvertTo-SecureString $newPassword -AsPlainText -Force) -Reset -Credential $adminCredential
The command executed successfully:
Password successfully reset for user: CN=SomeUser,OU=Lobby,[...]
So it seems that the issue is related to PWM.
Maybe I missed a config somewhere?
Best regards