My Oracle Support Banner

OIM Not Able To Lock Any User - InvalidAttributeValueException LDAP: Error Code 21 After Processing Replace Oblockedon (Doc ID 2002556.1)

Last updated on AUGUST 30, 2023

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Oracle Virtual Directory - Version 11.1.1.7.0 and later
Identity Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

Not able to lock any user from the OIM admin console with LDAP sync option enabled for Active Directory (AD). All other actions like create, update, disable and enable user are working fine but only lock/unlock user is not working.
the following error occurs.

[2015-02-12T13:25:42.387-05:00] [xxxxx] [TRACE] [] [oracle.ods.virtualization.engine.chain.plugins.usermanagement.UserManagement] [tid: xxx[ACTIVE].ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <USER>] [ecid: <ECID>] [SRC_CLASS: oracle.ods.virtualization.engine.util.VDELogger] [APP:xxxxx] [SRC_METHOD: debug] Entry to modify after processing: replace: oblockedon[[
oblockedon: 20150212132542z
-

]]
[2015-02-12T13:25:42.389-05:00] [xxxxx] [WARNING] [OVD-40082] [oracle.ods.virtualization.engine.backend.jndi.ad1.ConnectionHandle] [tid: [ACTIVE].ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <USER>] [ecid: <ECID>] [APP: xxxxxx] Could not modify entry.[[
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - 00000057: LdapErr: DSID-0C090B8A, comment: Error in attribute conversion operation, data 0, v1db1]; remaining name 'CN=<USERNAME>,OU=<OU>,CN=Users,DC=<COMPANY>,DC=com'

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.