My Oracle Support Banner

OIM-OAM 12c SSO Integration: Enabling User In OIM Does Not Update Ds-pwp-account-disabled To False In OUD (Doc ID 2524029.1)

Last updated on JUNE 17, 2020

Applies to:

Identity Manager - Version and later
Information in this document applies to any platform.


In a OIM-OAM 12c SSO integration with OUD LDAP: Trying enable user in OIM and it does not work. The Enable User process task does not get triggered and the status of the SSOTarget application is provisioned not enabled. Also the ds-pwp-account-disabled field is not set to false in OUD. 

There is role membership rule in picture which for OIM role for users which are in status Active or Enabled.

Steps to reproduce:

Setup the role and rules for its membership such as:
Role Name : SSO target
Rule:( ( Identity Status = "Active" ) OR ( ( Identity Status = "Enabled" )

1. Login to OIM /identity
2. Select an active OIM user
3. SSO target application is provisioned to a user .
4. Disable the user in OIM, user get disabled in OUD
5. Enable the user in OIM
6. Check OUD account and its not Enabled.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.