Hello, we have the following scenario: We are using CA Single Sign-On 12.52; Update: 01.07; Build: 2259; CR: 07. and we have made the federation with Office 365. It is happening to us that when the user changes the Active Directory password he can not enter more from his cell phone to the mail client. Has this happened to anyone? What was the solution they found?
It is common for password changes to take some time to propagate throughout AD. In the scenario given it sounds like the password change hasn't propagated to the mail server. Does this problem clear after a few minutes or does the problem persist?
In our case the password never synchronize with microsoft azure and the IWA is not configured in the SPS.
The scheme of authentication is through authentication server connected to a Policy server and a SPS.
Analista de Seguridad
1049, Buenos Aires, Argentina
Antes de imprimir
piense bien si es
El medio ambiente
es cosa de todos.
Enviado el: lunes, 08 de enero de 2018 01:18 p.m.
Para: VITALIANO, ARIEL LUCAS
Asunto: Re: - Re: Federation with Office 365
CA Communities <https://communities.ca.com/?et=watches.email.thread>
Re: Federation with Office 365
reply from Pete_Burant<https://communities.ca.com/people/Pete_Burant?et=watches.email.thread> in CA Single Sign-On - View the full discussion<https://communities.ca.com/message/242033894-re-federation-with-office-365?commentID=242033894&et=watches.email.thread#comment-242033894>
Is the login works from user's desktop but not from mobile ?
Yes, only happen when you use a mobile.
We have a domain policy for password expire. In this case, the user connect office 365 and the federation not work. Only works if you delete perfil and regenerates a new profile in your cellphone or mobile device.
In our case IWA is not configured in the SPS. It is necesary that is configured to works the password sincronism when you federated with a mobile?
Enviado el: lunes, 08 de enero de 2018 01:23 p.m.
reply from Makesh.T<https://communities.ca.com/people/Makesh.T?et=watches.email.thread> in CA Single Sign-On - View the full discussion<https://communities.ca.com/message/242033913-re-federation-with-office-365?commentID=242033913&et=watches.email.thread#comment-242033913>
Seems like you have implemented PASSIVE PROFILE, but not ACTIVE PROFILE for RICH CLIENT Support.
Could you confirm you have implemented PASSIVE PROFILE and ACTIVE PROFILE for O365 ? For PASSIVE PROFILE only Partnership configuration is sufficient. ACTIVE PROFILE builds on top of PASSIVE PROFILE, thus has more additional configurations like setting up STS on CA AG.
Nom both profiles are actives, Passive and Active.
This federation works in a computer and a mobile devices but the problem is when your password domain expire or change. The mobile not detect this change. This proof is in a cellphone with Android.
Enviado el: lunes, 08 de enero de 2018 02:24 p.m.
reply from Hubert Dennis<https://communities.ca.com/people/HubertDennis?et=watches.email.thread> in CA Single Sign-On - View the full discussion<https://communities.ca.com/message/242033937-re-federation-with-office-365?commentID=242033937&et=watches.email.thread#comment-242033937>
"Mobile does not detect the expiration OR change"!!!
Could this be a handset / email client account setting issue?
For e.g. I have my Android Handset configured to use O365 and I use both forms of email client (outlook downloaded from App Store and exchange email app shipped with my phone). Whenever I change Password, it does pick up after a short delay that the credentials in the Email Client on the mobile is no longer valid. Hence stops syncing on mobile. I then have to manually go into the Client and retype my account (new) password. After that it is BAU.
Although my computer does prompt me 15 days in advance that my password is expiring, but the mobile does not. If I did not change my password and it expires. The email client on my mobile stops working without any prior notification. Then when I reset my password using the password reset portal. I have to update my Computer as well by logging out and logging in. I have to also update my outlook client on my laptop with my new password. I then go and manually update the Email Client Account settings on my mobile. This is the behavior I have.
Are you able to update your new password in the Email Client on your mobile using the Email Clients settings ?