My Oracle Support Banner

OAM/OIM Integration : Lockout taking effect based on the oam-config.xml rather than InvalidLoginAttemptsAllowed defined in OIM (Doc ID 2434757.1)

Last updated on AUGUST 13, 2018

Applies to:

Oracle Access Manager - Version 11.1.2.3.171017 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.2.3.171017 version, Authentication Engine

In OIM/OAM integrated environment, user account is locked based on LockoutAttempts defined in oam-config.xml instead of the InvalidLoginAttemptsAllowed defined in OIM per organization password policy.


ERROR
-----------------------
user account locked based on LockoutAttempts which is system wide setting and not organization specific setting.


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
OAM and OIM has been integrated
OIM has per organization password policy defined.
OIM Pwd Policy: InvalidLoginAttemptsAllowed Attempt: 7
oam-config.xml (LockoutAttempts) = 5

Lockout taking effect based on the oam-config.xml (5) rather than InvalidLoginAttemptsAllowed defined in OIM

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.