My Oracle Support Banner

OIM-OAM 12c SSO Integration: Enabling User In OIM Does Not Update Ds-pwp-account-disabled To False In OUD (Doc ID 2524029.1)

Last updated on APRIL 22, 2019

Applies to:

Identity Manager - Version 12.2.1.3.190109 and later
Information in this document applies to any platform.

Symptoms

In a OIM-OAM 12c SSO integration with OUD LDAP: Trying enable user in OIM and it does not work. The Enable User process task does not get triggered and the status of the SSOTarget application is provisioned not enabled. Also the ds-pwp-account-disabled field is not set to false in OUD. 

There is role membership rule in picture which for OIM role for users which are in status Active or Enabled.

Steps to reproduce:
=================

Setup the role and rules for its membership such as:
Role Name : SSO target
Rule:( ( Identity Status = "Active" ) OR ( ( Identity Status = "Enabled" )

1. Login to OIM /identity
2. Select an active OIM user ( In my testcase , I have taken user "TESTLA1")
3. SSO target application is provisioned to a user .
4. Disable the user in OIM, user get disabled in OUD
5. Enable the user in OIM
6. Check OUD account and its not disabled.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.