OUD 11g - Error: "<entry> violates the Directory Server schema configuration because it includes multiple values for attribute pwdAccountLockedTime, which is defined as a single-valued attribute"
(Doc ID 2498766.1)
Last updated on MARCH 22, 2023
Applies to:
Oracle Unified Directory - Version 11.1.2.3.180116 and laterInformation in this document applies to any platform.
Symptoms
Following error messages can be found after version upgraded to OUD PS3.
OUD Logs:
[2018-06-08T10:59:55.089+10:00] [oimServer1] [ERROR] [] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '21' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 3d93d23a19c8e104:-6215eff0:163d46e7e71:-8000-000000000002418f,0] [APP: oim#11.1.2.0.0] An exception occurred while performing the operation.[[
oracle.iam.platform.kernel.EventFailedException: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN cannot not be modified because the resulting entry would have violated the server schema: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN violates the Directory Server schema configuration because it includes multiple values for attribute pwdAccountLockedTime, which is defined as a single-valued attribute
OIM Logs:
[2018-06-08T11:08:04.919+10:00] [oimServer1] [ERROR] [] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: f52e7b3494bed26a:-37541bcb:163d464d8f6:-8000-0000000000022bf5,0] [APP: oim#11.1.2.0.0] An exception occurred while performing the operation.[[
oracle.iam.platform.kernel.EventFailedException: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN cannot not be modified because the resulting entry would have violated the server schema: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN violates the Directory Server schema configuration because it includes multiple values for attribute pwdAccountLockedTime, which is defined as a single-valued attribute
at oracle.iam.ldapsync.impl.eventhandlers.user.UserLockLDAPHandler.execute(UserLockLDAPHandler.java:126)
at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:967)
at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:697)
at oracle.iam.pl
[2018-06-08T10:59:55.089+10:00] [oimServer1] [ERROR] [] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '21' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 3d93d23a19c8e104:-6215eff0:163d46e7e71:-8000-000000000002418f,0] [APP: oim#11.1.2.0.0] An exception occurred while performing the operation.[[
oracle.iam.platform.kernel.EventFailedException: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN cannot not be modified because the resulting entry would have violated the server schema: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN violates the Directory Server schema configuration because it includes multiple values for attribute pwdAccountLockedTime, which is defined as a single-valued attribute
OIM Logs:
[2018-06-08T11:08:04.919+10:00] [oimServer1] [ERROR] [] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: f52e7b3494bed26a:-37541bcb:163d464d8f6:-8000-0000000000022bf5,0] [APP: oim#11.1.2.0.0] An exception occurred while performing the operation.[[
oracle.iam.platform.kernel.EventFailedException: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN cannot not be modified because the resulting entry would have violated the server schema: Entry cn=xxxxx@xxxx.com,cn=users,dc=SUFFIX_DN violates the Directory Server schema configuration because it includes multiple values for attribute pwdAccountLockedTime, which is defined as a single-valued attribute
at oracle.iam.ldapsync.impl.eventhandlers.user.UserLockLDAPHandler.execute(UserLockLDAPHandler.java:126)
at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:967)
at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:697)
at oracle.iam.pl
OUD was configured to integrate with OIM. The above error makes the integration function fail.
Schema definition of 'pwdAccountLockedTime'.
------------schema.ldif.current------------------
attributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.17 NAME 'pwdAccountLockedTime' DESC 'The time an user account was locked' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'draft-behera-ldap-password-policy' X-SCHEMA-FILE '01-pwpolicy.ldif' )
------------cut---------------------------------------
------------schema.ldif.current------------------
attributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.17 NAME 'pwdAccountLockedTime' DESC 'The time an user account was locked' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'draft-behera-ldap-password-policy' X-SCHEMA-FILE '01-pwpolicy.ldif' )
------------cut---------------------------------------
Changes
The OUD version was recently upgraded.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |