One Identity Defender Hotfix for KB 329955 - Authentication abandoned or Invalid Windows Password messages are displayed in the Defender Security Server Audit logs during second factor authentication. (4285294)

This hotfix addresses a functionality issue. The minimum version required for installing this hotfix is 5.11

Authentication abandoned messages appearing in the Defender Security Server Audit logs after upgrading to Defender 5.11.
E.g.
------------------------------
Tue 02 Dec 2020 12:33:05 Authentication abandoned user user01 Session ID:  xxxxxxxx
------------------------------


The Defender Security Server trace also shows the following password error:
------------------------------
adding message Invalid Windows password.
Enter a valid Windows password.
------------------------------


A network packet capture taken on the Defender Security Server also shows an invalid password message:
------------------------------
password verify failed - invalid password Invalid Credentials
------------------------------

Please download the hotfix, Defender Hotfix for 5.11 for KB here.

Resolved Issues

The following is a list of issues resolved in this hotfix.

Applicability of this hotfix

Products affected by this hotfix

To install the hotfix

3. Run the file Defender-SOL329955.exe and follow the on-screen instructions to complete the hotfix installation.

Verifying successful completion

•  Defender Hotfix: SOL3329955 under Defender 5.11

To remove this hotfix

1. On the computer running Defender, open the list of installed programs and updates (appwiz.cpl).
2. Under Tasks, click View installed updates, select Defender Hotfix: SOL329955-# in the list, and then click Uninstall.