My Oracle Support Banner

Externally Authenticated Users Cannot Modify the Password For Native OID User Accounts (Doc ID 1322184.1)

Last updated on SEPTEMBER 14, 2016

Applies to:

Oracle Internet Directory - Version: 11.1.0.6 and later   [Release: 11g and later ]
Information in this document applies to any platform.

Symptoms

Externally Authenticated users, that is users who have been authenticated against an external directory service using the External Authentication plugins and who have been assigned an administrator role, cannot modify the userPassword attribute for native OID users. This applies to OID 10.1.0.1 through 11g.

It is intended that users who have been granted an administrator role should be able to reset user passwords.

The issue can be reproduced at will with the following steps:
1. Configure the External Authentication plugins against an external directory service (eg. Active Directory, eDirectory, iPlanet)
2. Grant a password administration role to an externally authenticated user account.
3. Attempt to reset the password of a native OID user account.

Due to this issue, password administration role can not be delegated to externally authenticated users.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
  Symptoms
  Cause
  Solution
  References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.