Suppressing the Passphrase for Windows V2 Authenticator and Users in Active Directory

(Doc ID 778961.1)

Last updated on OCTOBER 16, 2016

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version to [Release 10gR3 to 11g]
Information in this document applies to any platform.
- Windows V2 Authenticator
- Passphrase disabled
- Use windows Data Protection "ON"
- Re-authentication Dialog "Use GINA"
- Users are managed and authenticated in Active Directory (AD)


If Oracle Enterprise Single Sign-On Login Manager (eSSO-LM) is installed to use the Windows V2 Authenticator and the passphrase is disabled then eSSO-LM will fail under various circumstances.

For example:

After running the 'First Time Use' (FTU) wizard on one machine, when a user logs on different machine:


After running the 'First Time Use' (FTU) wizard:

When the user changes the password (CTRL_ALT_DEL), the LM agent is not able to decrypt the credentials, eSSO-LM will ask for re-authentication over and over again


Configure eSSO-LM to use the Windows V2 Authenticator
Disable the passphrase


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms