Externally Authenticated Users Cannot Modify the Password For Native OID User Accounts
(Doc ID 1322184.1)
Last updated on FEBRUARY 08, 2019
Applies to:Oracle Internet Directory - Version 184.108.40.206 and later
Information in this document applies to any platform.
Externally Authenticated users, that is users who have been authenticated against an external directory service using the External Authentication plugins and who have been assigned an administrator role, cannot modify the userPassword attribute for native OID users. This applies to OID 10.1.0.1 through 11g.
It is intended that users who have been granted an administrator role should be able to reset user passwords.
The issue can be reproduced at will with the following steps:
1. Configure the External Authentication plugins against an external directory service (eg. Active Directory, eDirectory, iPlanet)
2. Grant a password administration role to an externally authenticated user account.
3. Attempt to reset the password of a native OID user account.
Due to this issue, password administration role can not be delegated to externally authenticated users.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document