OIM R2PS2: Cannot Enter Same Password If A Password Policy Which Disallows Past Passwords Is Attached to Both Resource and Organization to Which A User Belongs in OIM
(Doc ID 2130130.1)
Last updated on APRIL 24, 2016
Applies to: Identity Manager - Version 22.214.171.124.0 to 126.96.36.199.9 [Release 11g]
Information in this document applies to any platform.
OIM R2PS2: When a password policy has the DISALLOW PAST PASSWORDS attribute set and a user's OIM password (USR table) and account password (e.g. UD_ADUSER table) are set to the same value, OIM rejects the account password as invalid because it is one of the past passwords used.
The issue can be reproduced at will with the following steps:
1. Create a password policy and set a value of 2 in the Disallow Past Passwords attribute
2. Set the password policy on the Xellerate Users organization
3. Associate the password policy with the Resource Object
4. Create a user in the Xellerate Users organization
5. Provision a new account to the user that has the password policy set in step 3
6. Reset the password for the OIM user to P@ssw0rd123
7. Reset the password for the account
8. Enter the password P@ssw0rd123
9. An error is received even though the account has never had this value set before
The log appears as below:
policy rules were not met:Password must not be one of 2 previous passwords.