The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

11.32.2 - Security Policy Handling Failed

Discussion in 'Security' started by Serra, Apr 3, 2012.

  1. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    I'm having a couple of issues with 11.32.2 which loaded to my servers last night. (Which I was waiting for to fix an issue, which that issue appears to be fixed).


    First, last week I turned on the security policy that says: Security Policy Items: Password Strength and set it to 60. There was a password strength issue that caused concern, unrelated to this.

    Today 11.32.2 loaded and now every user with a weak password is being forced to update their password to one that meets the strength requirement. As you can imagine, that's generating a lot of calls! (This comes unexpectedly after a week of no problems)

    However, the issue is that one account is getting an error "Security Policy Handling Failed" when they try to go into webmail. Turning off the security policy fixes the issue, but updating the password nor anything else seems to allow this user to access their mail.

    Currently, I've had to turn off the security policy to allow this user to access their mail. Anyone else seeing this?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,460
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    The result though is making your server and all its users on it, more secure. Calls I'd be happy to take and go thru.


    You might check your logs to see why they're not getting in.
     
  3. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    I changed my policy handling to upped the security level a tiny bit to make the passwords a bit more secure. Unfortunately, the system hit my own password. NOTE: Passwords are only updated when the user uses webmail. My password is a set of random numbers and letters with caps. The system said it wasn't a level of 50. (Which is insane... but that is another issue).

    I found that if the user gets the change password prompt and then decided NOT to change passwords and hits logout. (Like he is the system admin and just doesn't want to bother) The user will get the "Security Policy Handling Failed" message no matter what they do trying to login.

    Per above, its the error is in a 'log'... so as helpful as that sounds, its better to restart cPanel which cures the problem.
     
  4. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    Still a problem! Last month I moved to a new server and forgot to set the security level. So yesterday I set it to 60. My password for my personal email only clears the 50 level, so I got the change password screen again. Since I didn't want to do that, I closed the tab and set the security level down to 50.

    Of course, then when I tried to login, I got: "Security Policy Handling Failed".

    There is NO WAY to get rid of that message that allows the user to login again, short of restarting cPanel.

    So, just to be clear. Any user who is presented with a password change screen who doesn't change their password, will be locked out until cPanel is restarted
     
  5. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Please open a ticket using the link in my signature.
     
Loading...

Share This Page