I'm now using IDM3.5.

I posted a question couple days ago. And I found the answer I suppose.

I created two users in the eDirectory:
A: users.root
B: root

And assign forget password policy to the two users with challenge response
option on. Then I logged into the user application and set the responses
for both of users.
After that, I clicked the hyperlink of "forget password?" in the user
application page and something interesting happened. User B could
successfully challenge and get access to change his password while User A
received response failed after input the "correct" responses against the

I created another two users C & D similar to A & B respectively and got
the same result.

So I wonder that it is because of the position of the user in the
eDirectory, obviously which is a bug for the user application.

Does anyone meet the same situation?