NetIQ Access Manager NIDP server kerberos fallback login method does not report Expired Password

  • 7017493
  • 12-Apr-2016
  • 12-Apr-2016


NetIQ Access Manager 4.1.2
NetIQ Access Manager 4.2.1


  • Kerberos authentication has been configured with:  "FALLBACK_AUTHCLASS com.novell.nidp.authentication.local.PasswordClass" and login page as documented in TID 7015049

  • Microsoft windows 2008R2  Active Directory userstore has been configured

  • Users with an expired password will fail to login with the NIDP server message:
    "Login failed, please try again" instead of reporting a "Password Expired" message


This issue has been addressed to engineering and will be fixed with the next Service Pack release