Incorrect passcode under certain conditions from CA Siteminder to RSA Authentication Manager 8.x
Originally Published: 2015-04-30
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- User lockout is set to four incorrect passcodes.
- If testing with the CA Siteminder and three bad tokencodes are given, the user is now set to Next Tokencode Mode.
- The CA Siteminder does not relay that the user is in Next Tokencode Mode to the user.
- The next time the user tries to login and gives the correct passcode, the CA Siteminder sends an incorrect passcode message to Authentication Manager and gives the user the message that they are in Next Tokencode Mode and to input the next tokencode.
- Because the site was set up for four incorrect passcodes to lock a user, the user is now locked.
- This works as documented for various RSA Authentication Agents (Windows, PAM, etc.)
- It is only the CA Siteminder that appears to do this.
Cause
Resolution
Workaround
Related Articles
Hardware Appliance Model 250 Installation and Maintenance Guide (Intel) Number of Views Hardware Appliance Model 130 Installation and Maintenance Guide (Intel) Number of Views RSA MFA Agent 9.0 for PAM Release Notes (German) Number of Views In RSA Via Lifecycle and Governance the Allow Multiple Selections checkbox is disabled for the User Accounts Table in the … Number of Views Role Analytics tab under Missing Required Entitlements displays technical roles as global roles in RSA Identity Governance… Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Governance & Lifecycle 8.0.0 Administrators Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory
Don't see what you're looking for?
