You may want to open support issue it can be complicated
Turn on FPS logging
"27-Aug-2015","08:28:06",1,10,"?","Supplied Value: ~uid=A1"
"27-Aug-2015","08:28:06",1,10,"?","Supplied Value: ~givenName=John"
"27-Aug-2015","08:28:06",1,10,"?","Supplied Value: ~sn=A1"
"27-Aug-2015","08:28:06",1,10,"?","Too Many Users Found"
Policy server trace Logs will show the state change during the processing of FPS request
Review of the LDAP access logs with PS logs to see the search being used
[01/31/2014][14:22:57.699][14:22:57][13230][11][CServer.cpp:262][ServerTrace][[SM-APS-06007] Forgotten Password Services...][SmTransact(APSAPI): [SM-APS-06007] Forgotten Password Services...]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][New Macro "target" = "lodsun30a.ca.com:8787/jsp/identify.jsp"][APS-FPS: New Macro "target" = "lodsun30a.ca.com:8787/jsp/identify.jsp"]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][Referrer = http://lodsun30a.ca.com:8787/jsp/Identify.jsp][APS-FPS: Referrer = http://lodsun30a.ca.com:8787/jsp/Identify.jsp]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][State Check: Referrer = http://lodsun30a.ca.com:8787/jsp/Identify.jsp][APS-FPS: State Check: Referrer = http://lodsun30a.ca.com:8787/jsp/Identify.jsp]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][URL Translation "http://lodsun30a.ca.com:8787/jsp/Identify.jsp" -> "//lodsun30a.ca.com:8787/jsp/Identify.jsp"][APS-FPS: URL Translation "http://lodsun30a.ca.com:8787/jsp/Identify.jsp" -> "//lodsun30a.ca.com:8787/jsp/Identify.jsp"]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][Determined state to be 10.][APS-FPS: Determined state to be 10.]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][State Change: Phase 10 -> 12][APS-FPS: State Change: Phase 10 -> 12]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][State Change: Phase 12 -> 10][APS-FPS: State Change: Phase 12 -> 10]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][Redirecting to "http://lodsun30a.ca.com:8787/jsp/Identify-Multiple.jsp"][APS-FPS: Redirecting to "http://lodsun30a.ca.com:8787/jsp/Identify-Multiple.jsp"]
[01/31/2014][14:22:57.701][14:22:57][13230][11][SmAuthUser.cpp:699][ServerTrace][Phase 10 - No search criteria entered!][APS-FPS: Phase 10 - No search criteria entered!]
[01/31/2014][14:22:57.702][14:22:57][13230][11][CServer.cpp:262][ServerTrace][[SM-APS-06011] FPS Returning 455 bytes of HTML][SmTransact(APSAPI): [SM-APS-06011] FPS Returning 455 bytes of HTML]
APS.CONF will show what attrbutes need to be searched in my case I mapped UserID to uid attribute only one required
[FPS-Identify]
Required=UserID
Optional=FirstName;LastName;Phone;City;State;mail;phonenow;
Lookup=UserID=uid;Mail=mail;FirstName=~givenname;LastName=~sn;Phone=telephoneNumber,homePhone;City=~l;State=st