"The OIM server rejected the setPasswordRequest" Windows Event Log Message and IAM-3030006 OIM Error Appear When Synchronizing User Password by AD Password Synchronization, Due to Password History Policy
(Doc ID 2148401.1)
Last updated on NOVEMBER 13, 2017
Applies to: Identity Manager - Version 184.108.40.206.0 and later
Identity Manager Connector - Version 220.127.116.11 and later
Information in this document applies to any platform.
User password changes are synchronized from Microsoft Active Directory (AD) to Oracle Identity Manager (OIM) by AD Password Synchronization, which is one of the Oracle Identity Manager Connectors.
The following warning and error messages appear when an AD user password is updated.
Windows Event log (Application Log):
* The above USERNAME and NN vary depending on the environment or situation.
Each message appears 7 times per password update by default, even when the solution in <Document 1273404.1> is applied.
<Document 1273404.1> How To Prevent Looping With AD Password Sync Connector
The scenario is as follows.
- Provision OIM users to AD with the AD User Management Connector.
- Synchronize AD user passwords to OIM with AD Password Synchronization.
- A password history policy is set in both OIM and AD. For example, users are not allowed to reuse their past 5 passwords.