IV33489: TITLE: TAM ESSO V8.2- LOTUS NOTES PROFILE VERSION 1.3 SAVES INCORRECT PASSWORD
Closed as fixed if next.
Title: TAM ESSO v8.2- Lotus Notes profile version 1.3 saves incorrect password Problem Description: Lotus Notes profile version 1.3 saves incorrect password . Problem description In testing the newer Lotus Notes profile version 1.3 published under http://www-01.ibm.com/support/docview.wss?uid=swg21470500 we have found an issue during password change with the following scenario: A client is presented with the password change window within Lotus Notes (regardless of expiration, early warning or manual). If the client enters a previous password (password history is set for 13) that has been used before, Lotus Notes will pop-up a dialog that indicates that it is a previous password and directs the client to "pick a new one". If the client clicks ok they are taken back to the change password window. As part of this process ESSO is saving that previous password entry in the wallet even though the password change was not successful. If the client were to then click cancel and not change their password they will retain some previous version of the password in the wallet. If they continue to change their password and enter a valid password that Lotus Notes accepts then the correct password will be saved wallet. Business impact ( BusImpact ) saves an invalid password to the wallet. Steps to Duplicate: see problem description Desired Behavior: see problem description Environment: ISAM ESSO 8.2, Lotus Notes,profile, 1.3 AA 8.2 fixpack 2, Lotus Notes Release 8.5.1 Revision 20090929.1223 (Release 8.5.1) Solutions/Workaround: Under state_chg_pwd_wnd-destroyed there are three triggers (1) Fire after a specified time, (2) Window is activated (includes save action), (3) Window is activated (not equal to your password change succeeded). In that order (3) always fires regardless of the message dialog that is produced. (1) will fire if a dialog is not produced and "password set" is presented in the status bar. it works correctly is reordered to (1) Window is activated (not equal to your password change succeeded), (2) Window is activated (with save action), (3) Fire after a specified time. .
The Lotus Notes AccessProfile version 1.3 can not handle a change password workflow if the new password is not accepted by Lotus Notes. The rejected password will be stored in the AccessAgent wallet. The problem will be addressed in next release of the profile.
Reported component name
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Applicable component levels