My Oracle Support Banner

OUD 11g/12c - Queries on Duplicate Users in OUD (Doc ID 2468462.1)

Last updated on AUGUST 30, 2023

Applies to:

Oracle Unified Directory - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Goal

Sample duplicate user profiles from the OUD end:

dn: cn=<USERPROFILE_1>,ou=Users,dc=<SUFFIX_DN>
orclGUID: <orclGUID>
mail: <username@DN.COM>
pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
subschemaSubentry: cn=schema
isMemberOf: cn=<GROUP_1>,ou=Groups,dc=<SUFFIX_DN>
isMemberOf: cn=<GROUP_2>,ou=Groups,dc=<SUFFIX_DN>
changelog: cn=changelog
createTimestamp: 20180718152118Z
pwdChangedTime: 20180718152118.754Z
numSubordinates: 0
structuralObjectClass: CustomPerson
ds-sync-hist: dn:<DN>:add
nsUniqueId: <NS_UNIQUE_ID>
hasSubordinates: false
entryDN: cn=<ENTRYDN>,ou=users,dc=<SUFFIX_DN>
entryUUID: <ENTRY_UUID>
creatorsName: <DM_ADMIN>
modifyTimestamp: 20180718152118Z
modifiersName: <DM_ADMIN>

dn: cn=<USERPROFILE_1_COPY>,ou=Users,dc=<SUFFIX_DN>
ds-pwp-account-disabled: false
pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
pwdReset: true
createTimestamp: 20180718152312Z
numSubordinates: 0
structuralObjectClass: CustomPerson
nsUniqueId: <NS_UNIQUE_ID>
entryUUID: <ENTRY_UUID>
entryDN: cn=<USERPROFILE_1_COPY>,ou=users,dc=<SUFFIX_DN>
orclGUID: <orclGUID>
mail: <username@DN.COM>
subschemaSubentry: cn=schema
isMemberOf: cn=<GROUP_1>,ou=Groups,dc=<SUFFIX_DN>
isMemberOf: cn=<GROUP_2>,ou=Groups,dc=<SUFFIX_DN>
changelog: cn=changelog
pwdChangedTime: 20180718152312.803Z
ds-sync-hist: dn:<DN>:add
ds-sync-hist: pwdreset:00000164adfcf2230efc00017599:repl:true
ds-sync-hist: orclaccountstatusevent:00000164adfcf2230efc00017599:add:3
ds-sync-hist: ds-pwp-account-disabled:00000164adfcf23c0efc0001759a:repl:false
ds-sync-hist: modifytimestamp:00000164adfcf23c0efc0001759a:repl:20180718152312Z
ds-sync-hist: modifiersname:00000164adfcf23c0efc0001759a:repl:<DM_ADMIN>
hasSubordinates: false
creatorsName: <DM_ADMIN>
modifyTimestamp: 20180718152312Z
modifiersName: <DM_ADMIN>

Noticing the difference in the create timestamp of the user, in OIM user created 30 mins before as compared to the OUD create timestamp.

Question 1: Why does OUD allow duplicate profiles and how to avoid this?

Question 2: Is there any command in OUD to find duplicate entries?

Question 3: How to delete duplicate entries

Question 4: How to find when and who created duplicate entries in OUD?

Question 5: Is it a good practice to use <DM_ADMIN> as a Service Account or Application Bind ID? 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.