OAM/OIM Integration : Lockout taking effect based on the oam-config.xml rather than InvalidLoginAttemptsAllowed defined in OIM
(Doc ID 2434757.1)
Last updated on AUGUST 13, 2018
Applies to:Oracle Access Manager - Version 184.108.40.206.171017 and later
Information in this document applies to any platform.
On : 220.127.116.11.171017 version, Authentication Engine
In OIM/OAM integrated environment, user account is locked based on LockoutAttempts defined in oam-config.xml instead of the InvalidLoginAttemptsAllowed defined in OIM per organization password policy.
user account locked based on LockoutAttempts which is system wide setting and not organization specific setting.
The issue can be reproduced at will with the following steps:
OAM and OIM has been integrated
OIM has per organization password policy defined.
OIM Pwd Policy: InvalidLoginAttemptsAllowed Attempt: 7
oam-config.xml (LockoutAttempts) = 5
Lockout taking effect based on the oam-config.xml (5) rather than InvalidLoginAttemptsAllowed defined in OIM
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!