My Oracle Support Banner

OID 10g Portal Default Group (orcldefaultprofilegroup Attribute Value) Is Automatically Getting Deleted Whenever A User's Password Is Changed Or Reset (Doc ID 1386635.1)

Last updated on MARCH 12, 2021

Applies to:

Oracle Internet Directory - Version 9.0.4 to [Release 10gR1 to 10gR3]
Information in this document applies to any platform.


Oracle Internet Directory (OID) 10g, i.e.,, integrated with Portal.

The user's default group (orcldefaultprofilegroup attribute value) is being automatically deleted whenever a user's password is reset, even though the default group is not touched.

Steps to reproduce:
- Login to the home page for default group and navigate to this url, i.e.:

- There is a User portlet where the username that needs a password to be reset can be entered, then click the Edit button. The next page url is, i.e.:

- Enter the password in the Password and Confirm Password fields, click Submit. This redirects to this page:

- Click Done and it redirects back at the orginal page:

The problem may occur intermittently or only when starting from the Portal URL but not when going directly from the oiddas URL, i.e.,

After turning on OID debug level to 1, OID debugged log shows the attribute(s) deletion when the userpassword is changed, i.e., following Connection ID (ConnID:22067215) in this example:

2011/10/10:00:44:29 * ServerWorker (REG):8 * ConnID:22067215 * OpId:2 * OpName:bind
INFO : gslfbiADoBind * Version=3 BIND dn="cn=user1,cn=users,dc=mycompany,dc=com" method=128
ConnId = 22067215, op=2, IpAddr=<IP address>
00:44:29 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=0
2011/10/10:00:44:41 * ServerWorker (REG):7 * ConnID:22067215 * OpId:43 * OpName:modify
INFO : gslfmeADoModify: dn = cn=user1,cn=users,dc=mycompany,dc=com
00:44:41 * gslfmeADoModify: dn (cn=user1,cn=users,dc=mycompany,dc=com)
00:44:41 * gslfmeADoModify: modifications:
00:44:41 * replace: userpassword
00:44:41 * delete: orcldefaultprofilegroup
00:44:41 * delete: orclactivestartdate
00:44:41 * gslfmeADoModify:conn=22067215 op=43 MOD dn="cn=user1,cn=users,dc=mycompany,dc=com"
00:44:41 * Replacing userpassword in gslsbmApplyModtoEntry()
00:44:41 * Deleting orcldefaultprofilegroup in gslsbmApplyModtoEntry()
00:44:41 * Deleting orclactivestartdate in gslsbmApplyModtoEntry()
00:44:41 * Replacing authpassword in gslsbmApplyModtoEntry()
00:44:41 * Replacing orclpassword in gslsbmApplyModtoEntry()
00:44:41 * Deleting pwdfailuretime in gslsbmApplyModtoEntry()
00:44:41 * Deleting pwdaccountlockedtime in gslsbmApplyModtoEntry()
00:44:41 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=0

A little later, this is propagated to Portal via DIP provisioning.  Below is an example from the Portal profile audit log:

Mon Oct 10 00:44:54 GMT 2011 - Audit Log Start
User Exists Check - UID : user1 ,GUID (A04AF5A230158FAFE040928DC3D04025) - Response : 1
=============Event ID : 29866 - (USER_MODIFY)=============
Source : cn=user1,cn=users,dc=mycompany,dc=com
Time : 20111010004441z
Object Name: user1
Object GUID: A04AF5A230158FAFE040928DC3D04025
Object DN : cn=user1,cn=users,dc=mycompany,dc=com
AttrName - OpType - Value
orcldefaultprofilegroup - DELETE -
EVENT_NTFY Response : 1
29866 : Success : MODIFY : cn=user1,cn=users,dc=mycompany,dc=com
Mon Oct 10 00:44:54 GMT 2011 - Audit Log End

And turning on SSO/DAS debug, the oc4j security debugged log also shows the deletion:

11/12/01 04:56:06 [info] attr orcldefaultprofilegroup will be removed !
11/12/01 04:56:06 [info] i = 0 attr is userpassword op is REPLACE; val is <password>
11/12/01 04:56:06 [info] i = 1 attr is orcldefaultprofilegroup op is REMOVE
11/12/01 04:56:06 [info] Successfully modify user !


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.