Environment
SSPR appliance version v4.0.0.2 b522 r38959
template.ldap = NOVL
Situation
After clicking the change password button the user is presented with the message: The user name or password is not valid. Please try again.
Resolution
Remove settings for AD directory
ldap.ad.proxyForgotten
ldap.ad.enforcePwHistoryOnSet
Cause
Although the customer had configured LDAP eDirectory they had enabled some of the AD related settings for change password. These were causing abnormal operation.
Additional Information
When configuring SSPR by setting the template the correct settings for the LDAP directory type are set. Only modify the settings that apply to the LDAP directory type being used.
SSPR debug log showed the following error:
5001 ERROR_WRONGPASSWORD (cannot set password for
user, old password is not available)