Last updated on AUGUST 01, 2017
Applies to:Oracle Directory Server Enterprise Edition - Version 6.0 to 18.104.22.168.0 [Release 6.0 to 11gR1]
Information in this document applies to any platform.
***Checked for relevance on 25-Oct-2013***
* Note the DPS version listed below was used simply because that was the version in the SR from which this document was created. The DPS controls and behavior described below are the same from DPS version 6.x to current. *
DPS 22.214.171.124.0 with multiple DS 126.96.36.199.0 backends in MMR. Native LDAP clients on Solaris.
Noticed that when a user's password is reset("pwdreset" attribute set to "true" in user's entry) and the "pwdMustChange" attribute in the password policy is set to "true", that the user is NOT getting the "Password was reset and must be changed" message when logging into the Native LDAP clients.
State this only happens when the client goes through the DPS server which was put into place for testing. State previously these same clients DID get the password reset prompt when they connected directly to the DS servers.
In testing it is seen that a ldapsearch, as a user whose password was reset,goes through the DPS server to the backend DS server and the user DOES see the "Password was reset and must be changed" message. The issue is seen when the users attempt a SSH login, in which case they do not see the password reset message.
Expected behavior is that a user should see the "Password was reset and must be changed" message when the user's password is reset("pwdreset" attribute set to "true" in user's entry) and the "pwdMustChange" attribute in the password policy is set to "true" when logging into Native LDAP clients and the authentication request goes through the DPS 188.8.131.52.0 server to the backend DS 184.108.40.206.0 servers.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms