SSPR - 5026 Bad Password error Received Trying to Reset Password

  • 7024563
  • 15-Apr-2020
  • 15-Apr-2020


Self Service Password Reset 4.4
eDirectory is the LDAP server on the backend of SSPR


When attempting to change the password for a user that has an expired password the following errors are receive in the Self Service Password Reset log file.

unable to authenticate with password read from directory, check proxy rights, ldap logs; error: 4006 PASSWORD_BADPASSWORD (unable to create connection: unable to bind to ldaps:// as cn=user1,ou=TestOU,o=TestO reason: [LDAP: error code 49 - NDS error: bad password (-222)])) []


With eDirectory on the backend of SSPR, You must have grace logins remaining to be able to change the password through SSPR when the password is expired.   

Increase the Grace Logins in the Password Policy assigned to the user.


Out of Grace Logins for the user account.