cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6434
Views
0
Helpful
4
Replies

Self Care Portal - Password Reset Issue

devils_advocate
Level 7
Level 7

Hello

I have created a new Credential Policy which requires a 10 character minimum password and I have disabled Trivial Passwords. 

Anyway, I enabled this for a local user and selected the option to force them to change password at next login.

If I try to login to the portal as that user, I get the correct box saying their password has expired and asking me to input a new one.

If I input something which is against the new Credential Policy, I was expecting an error but it literally does nothing, the page doesn't change/refresh but it doesn't continue either.

See Image -  password_reset_1.png

If I input a password which does conform to the policy, it continues and the new password is active.

If I then go into the user pages and change the password manually (to something against the policy), I get an appropriate
error.

See Image - password_reset_2.png

A bug perhaps?

I tried on our live and test CUCM systems and the same thing happens!

Ta

1 Accepted Solution

Accepted Solutions

Rob Huffman
Hall of Fame
Hall of Fame

Hi there,

It sounds like this CUCM 10.5 bug;

Self care Portal password authentication not working as per cred policy
CSCuv33572
Symptom:
Self Care Portal Does not prompt for incorrect password being entered.

Conditions:
CUCM 10.5.2

Test 1 -
The user logs in for the first time, the webpage prompts for changing the password.

Users are trying to change password and the password entered **'is not'** as per the credential policy set for the user.

Self care Portal" page is not prompting for password credentials policy or specific parameters.


Test 2 -
User logs in for the first time, the webpage prompts for changing the password.

However, the user does not enter the password as per the policy and enters any trivial password and clicks on change password.

The page does not respond and is stuck.

There is no pop-up or prompt from the webpage about invalid credentials etc.

The webpage will not let the user change the password.

Test 3 -
User had entered the correct password as per credential policy.

It works.

When user is logged into the Self Care portal and enters the wrong credentials to change their password

It prompts that credentials do not match as per credential policy.

View solution in original post

4 Replies 4

Rob Huffman
Hall of Fame
Hall of Fame

Hi there,

It sounds like this CUCM 10.5 bug;

Self care Portal password authentication not working as per cred policy
CSCuv33572
Symptom:
Self Care Portal Does not prompt for incorrect password being entered.

Conditions:
CUCM 10.5.2

Test 1 -
The user logs in for the first time, the webpage prompts for changing the password.

Users are trying to change password and the password entered **'is not'** as per the credential policy set for the user.

Self care Portal" page is not prompting for password credentials policy or specific parameters.


Test 2 -
User logs in for the first time, the webpage prompts for changing the password.

However, the user does not enter the password as per the policy and enters any trivial password and clicks on change password.

The page does not respond and is stuck.

There is no pop-up or prompt from the webpage about invalid credentials etc.

The webpage will not let the user change the password.

Test 3 -
User had entered the correct password as per credential policy.

It works.

When user is logged into the Self Care portal and enters the wrong credentials to change their password

It prompts that credentials do not match as per credential policy.

Hey Rob,

I was literally replying to this post to say I found a bug for it!

Thanks all the same.

Its a shame its fixed in 11.x as we are not ready to go to that yet.

Hi there,

Too funny that we were both looking for bugs at the same time :) I guess we both knew that it must be yet another funky bug! I've flagged it to keep an eye for a 10.x fix, I'll let you know if something pops up.

Cheers!

Rob

Indeed, the fact it was the same on my test and production systems made be think it was likely a bug.

A bit of creating googling and I found it eventually!

Once we go v11, we will be using LDAP anyway but unsure when that will be. 

Cheers