Suppressing the Passphrase for Windows V2 Authenticator and Users in Active Directory (Doc ID 778961.1)

Last updated on OCTOBER 16, 2016

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version 10.1.4.1 to 11.1.1.2.0 [Release 10gR3 to 11g]
Information in this document applies to any platform.
- Windows V2 Authenticator
- Passphrase disabled
- Use windows Data Protection "ON"
- Re-authentication Dialog "Use GINA"
- Users are managed and authenticated in Active Directory (AD)


Symptoms

If Oracle Enterprise Single Sign-On Login Manager (eSSO-LM) is installed to use the Windows V2 Authenticator and the passphrase is disabled then eSSO-LM will fail under various circumstances.

For example:

After running the 'First Time Use' (FTU) wizard on one machine, when a user logs on different machine:

--

After running the 'First Time Use' (FTU) wizard:

When the user changes the password (CTRL_ALT_DEL), the LM agent is not able to decrypt the credentials, eSSO-LM will ask for re-authentication over and over again

Changes

Configure eSSO-LM to use the Windows V2 Authenticator
Disable the passphrase

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms