PWM v2.0.3 bc96802e - forgotten password - pwm asks everytime questions, but no questiona are configured

[stefan....@gmail.com]

hi,

i have installed and configured PWM v2.0.3 bc96802e.

i have configured the public module "forgotten password".

but i haven't configured the security questions.

if a user clicks to "forgotten password" the user must answer to two questions. and the user has never answered to some questions (see attached files).

where i can disable this questions? i cannot find this settting(s).

thanks

best regards

stefan

[stefan....@gmail.com]

if i set "minimun random required" to "0" (see attached file pwm5.jpg) i have the error 5033 (see attached file pwm6.jpg)

[Stefan Lanziner]

in the log i have this messages:

ERROR, http.PwmResponse, {BaeSB} 5033 ERROR_INVALID_CONFIG (user is required to complete LDAP attribute check, yet there are no LDAP attribute form items configured) [x.x.x.x]

FATAL, servlet.AbstractPwmServlet, {BaeSB} unexpected error: 5033 ERROR_INVALID_CONFIG (user is required to complete LDAP attribute check, yet there are no LDAP attribute form items configured) [x.x.x.x]

ERROR, http.PwmResponse, {BaeSB} 5033 ERROR_INVALID_CONFIG (user is required to complete LDAP attribute check, yet there are no LDAP attribute form items configured) [x.x.x.x]

--
You received this message because you are subscribed to a topic in the Google Groups "pwm-general" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/pwm-general/zNeRfpshUl8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to pwm-general...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/c35eac2b-3d90-446d-a6aa-114f508b4b1bn%40googlegroups.com.

[Jason Rivard]

Your confusing the 'Setup Responses' section which controls question enrollment with already authenticated users with the 'Forgotten Password' policy which controls what happens when the user clicks forgotten password.  You need to adjust the setting:  Modules ⇨ Public ⇨ Forgotten Password ⇨ Profiles ⇨ [profile] ⇨ Definition ⇨ Verification Methods which now is prompting for LDAP attribute verification but you don't have any LDAP attributes defined.

[stefan....@gmail.com]

ji jason,

can you tell me where i must configure the ldap-atributes?

i have an old installation of the version 1.8 ... the the configurations are similar ...

thanks

best regards

[stefan....@gmail.com]

hi,

i have configured "ldap attributes"" (see the attached screenshot).

thanks

best regards

[jason.e...@gmail.com]

You need to disable the Security Questions in the Setup Security Questions section,

[jason.e...@gmail.com]

and also go to Policies->Challenge Policies-> default and set minimum number random required and minimum random challenges required to 0 

[stefan....@gmail.com]

hi,

with this configuration i have an error:

PWM 5033

The configuration is invalid or corrupt. Please correct the error, or remove the configuration file.

thanks

best regards

[stefan....@gmail.com]

i made an export of the configuration from the old version 1.8.0 and an import of the configuration in the new instance 2.0.3

now the pwm works.