Environment
Self Service Password Reset
SSPR 4.1
eDirectory / NMAS environment
Situation
SSPR doesn't prompt user to answer helpdesk challenge responses
Users not promoted for Help Desk challenge questions after answering the other challenge response questions
Resolution
Configure the SSPR Challenge policy to mirror the NMAS challenge policy and then
Disable eDirectory Challenge Sets in SSPR Configuration Manager ⇨ Read eDirectory Challenge Sets ⇨ LDAP ⇨ LDAP Settings ⇨ NetIQ eDirectory. This will resolve the problem for all users, and is the recommended solution.
Alternatively, uncheck the box for Enable Forgotten Password in iManger, roles and tasks, passwords, (select policy), password policy, forgotten password. This will resolve the problem for users assigned to that particular policy.
Cause
It is not possible to use the e-directory NMAS challenge set with the help desk questions. NMAS challenge policies do not include help desk challenge responses.