Symptoms
The system triggers a password modification, which results in a forced password change in Webmail. When you try to create a new password in Webmail, you see this error:
Security Policy Handling Failed
Please contact the system admin or check the error_log file.
And the cPanel error log (/usr/local/cpanel/logs/error_log) shows errors like these:
warn [securitypolicy] Cpanel::Wrap::send_cpwrapd_request error: namespace=[Cpanel] module=[mail] function=[CLEAR_AUTH_CACHE]: statusmsg=[Parent check method: /usr/local/cpanel/cpanel,/usr/local/cpanel/uapi,/usr/local/cpanel/libexec/queueprocd,/usr/local/cpanel/cpsrvd,/usr/local/cpanel/cpanel-email,/usr/local/cpanel/base/resetpass.cgi, caller: /usr/local/cpanel/base/securitypolicy.cgi is not allowed] at /usr/local/cpanel/Cpanel/Wrap.pm line 133, <$socket> line 1.
Cpanel::Wrap::send_cpwrapd_request("env", HASH(0x1690e78), "action", "fetch", "data", ARRAY(0x16900c8), "no_cperror", 1, ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 65
Cause
This issue appears to occur after a forced password change is triggered via a change in a Security Policy setting (for example, Password Strength). After a user modifies the password to comply with the new password Security Policy changes, the Webmail interface may report a failure regarding the updated password.
We have opened an internal case for our development team to investigate this further; for reference, the case number is CPANEL-52302. Follow this article to receive an email notification when a solution is published in the product.
Resolution
A workaround for this issue has not been identified at this time. However, the password that was entered as the new credential is updated in the system, so the error displayed in the user interface may be ignored, and you can log in using the new password.
