OAM 11g : User Is Able to Change the Password Even If the 'obuseraccountcontrol' Attribute Is Set to DISABLED
(Doc ID 2043399.1)
Last updated on SEPTEMBER 21, 2016
Applies to:Oracle Access Manager - Version 22.214.171.124.4 and later
Information in this document applies to any platform.
1] Consider a user 'user001' who requested the admin to reset the password.
2] Admin resets the password to 'Oracle12345'
3] Login to the dummy application using username user001and password Oracle12345
4] Force change password window appears.
At this time an Admin user changes the user.status to DISABLED by modifying the 'obuseraccountcontrol' attribute to Disabled and submitting the changes. Changes are saved successfully on Oracle Unified Directory (OUD).
5] User enters the current password as Oracle12345 and enters new and confirm password as Welcome12 (which complies with password policy.
6] Click on 'Change Password'
User must not be able to change the password since the account state has been changed to disabled.
User is able to change the password successfully.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document