My Oracle Support Banner

Suppressing the Passphrase for Windows V2 Authenticator and Users in Active Directory (Doc ID 778961.1)

Last updated on APRIL 15, 2018

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version to [Release 10gR3 to 11g]
Information in this document applies to any platform.

***Checked for relevance on 15-APR-2018***
- Windows V2 Authenticator
- Passphrase disabled
- Use windows Data Protection "ON"
- Re-authentication Dialog "Use GINA"
- Users are managed and authenticated in Active Directory (AD)


If Oracle Enterprise Single Sign-On Login Manager (eSSO-LM) is installed to use the Windows V2 Authenticator and the passphrase is disabled then eSSO-LM will fail under various circumstances.

For example:

After running the 'First Time Use' (FTU) wizard on one machine, when a user logs on different machine:


After running the 'First Time Use' (FTU) wizard:

When the user changes the password (CTRL_ALT_DEL), the LM agent is not able to decrypt the credentials, eSSO-LM will ask for re-authentication over and over again


Configure eSSO-LM to use the Windows V2 Authenticator
Disable the passphrase


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.