OAM 11g : User Is Able to Change the Password Even If the 'obuseraccountcontrol' Attribute Is Set to DISABLED
(Doc ID 2043399.1)
Last updated on MARCH 18, 2019
Applies to:Oracle Access Manager - Version 22.214.171.124.4 and later
Information in this document applies to any platform.
1] Consider a user who requested the admin to reset the password.
2] Admin resets the password
3] Login to the dummy application using username and password
4] Force change password window appears.
At this time an Admin user changes the user.status to DISABLED by modifying the 'obuseraccountcontrol' attribute to Disabled and submitting the changes. Changes are saved successfully on Oracle Unified Directory (OUD).
5] User enters the current password and enters new and confirm password (which complies with password policy.)
6] Click on 'Change Password'
User must not be able to change the password since the account state has been changed to disabled.
User is able to change the password successfully.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document