ODSM Regular User Login To ODSM Fails With: LDAP: error code 53 / 9009: GSL_PWDMUSTCHANGE_EXCP :Your Password has been reset; You must change your password before performing other operations.] (Doc ID 1375454.1)

Last updated on NOVEMBER 16, 2020

Applies to:

Symptoms

Oracle Internet Directory (OID) 11g 11.1.1.4 or higher.

Oracle Directory Services Manager (ODSM) web interface has no option for regular (non-admin) users to reset their own password upon first or next login (if so configured in the password policies).

If an OID regular user's password is reset by an OID administrator and the password policies for the user's, or the user's realm, is configured with the following options:
   Must supply old password when modifying password
   Reset password upon next login

then upon attempting to log into ODSM, the user is asked to change the password but has no option for entering a  new password, as there are no additional fields for supplying the old  password and entering a new one.

Steps To Reproduce:
 1. Configure user's realm Password Policies with the following options checked:
      Must supply old password when modifying password
      Reset password upon next login

 2.  As an OID admin user, create a new user of that realm with a password, or reset the password of an existing user of the same realm.

 3.  Login to new ODSM session as the user created or modified above.  ODSM shows the following:

With two options below it:
 Reconnect
 Cancel

Selecting Reconnect just endlessly loops through the same login and error screens.  Selecting Cancel ends the session.

OID 11g and higher do not include a self-service password reset or "change password" function or feature similar to 10g OID Delegated Administration Services (OIDDAS).

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.