Environment
NetIQ Identity Manager 4.5
NetIQ Identity Manager Driver - Midrange OS/400 Bi-directional
Situation
When setting a password on the IBMi system password exit program, PWDEXIT raises an error. After raising an error the password exit program, PWDEXIT quits running.
The error is as follows:
The error is as follows:
Exiting after unexpected exception
CEE9901
Password rejected by program PWDEXIT in library I5OSDRV.
CEE9901
Password rejected by program PWDEXIT in library I5OSDRV.
Resolution
The PWDEXIT *PGM works by adopting the authority of its owning profile to write password changes into the I5OSDRV changelog. In order to switch profiles and write to this directory, the owning profile must have both *ALLOBJ and *SECADM.
Also, there are circumstances where the adopted authority conflicts with other security software and needs to be disabled.
Also, there are circumstances where the adopted authority conflicts with other security software and needs to be disabled.
See KB 7011517 for details on that.