|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager SDK
RSA Version/Condition: 7.1
|Issue||When using the AdminAPIDemos.cs and the AdminAPIDemos.java, the following error is seen:|
Error: Password policy not satisfied
|Cause||This error may generated if you run the AdminAPIDemos sample with the "update" option more than once.|
This is actually the expected behavior on a default RSA Authentication Manager 7.1 system. A default Authentication Manager 7.1 system has a password policy which is configured to disallow the last three passwords being re-used. If you run the sample code a number of times these may be the actions you are carrying out:
|Resolution||The sample code demonstrates how to avoid this error. If you run the sample code with the "disable" option this will disable this password feature and allow the same password to be set repeatedly. This same option may be set in the Security Console by an administrator with the appropriate privilege by selecting Authentication > Policies > Password Policies >Manage Existing, then select to edit (using the context sensitive menu) the policy which is marked as the default policy and look at the Restrict Re-Use values under Lifetime.|
If the sample code is run with the "disable" option then it will set this value to "Users can re-use any previous password."
Note: The sample will not switch the setting back to the default, so after running the API sample make sure that you use the Security Console to review and reset the value to match your own company policy. The default value is that users may not re-use the last three passwords.
|Legacy Article ID||a44614|