Date: August 25, 2016
When configuring ERPM 5.4.0 or earlier to use RADIUS authentication, a shard secret is required. The shared secret field in the RADIUS configuration dialog appears to allow putting in shared secrets of up to 255 characters. However, when long passwords are used, and the dialog is re-opened, the shared secret is missing and a data decryption error is logged in the primary ERPM log.
Decryption of data 'SOME-REALLY-LONG-STRING-OF-RANDOM-CHARACTERS' failed (returning empty value); error 0x80090005 - Bad Data.
The problem occurs because ERPM 5.4.0 or earlier is not properly handling shared secrets longer than 40 characters for RADIUS clients.
The resolution for ERPM version 5.4.0 or earlier is to configure shared secrets of 40 characters or less. If upgrading is a possibility, please upgrade to ERPM version 5.5.0 or later where long secrets may be used.
- Enterprise Random Password Manager (ERPM) v5.4.0 and earlier.