Password Policy Expires Password, Then DIP 10g Connector Locks Out Account

(Doc ID 265397.1)

Last updated on MARCH 08, 2017

Applies to:

Portal - Version 10.1.2.0.0 to 10.1.4.0 [Release 10gR2]
Oracle Internet Directory - Version 10.1.2.0.2 to 10.1.4.3 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
***Checked for relevance on 18-Sep-2015***

Symptoms

Starting in OID release 9.0.4, the default value for Password Expiry Time is set to 5184000 (60 days).  After 60 days from installation date, the password for the ODI server (and any other assigned passwords) will automatically expire.

If Directory Synchronization and/or Provisioning are running, the ODISRV process will attempt to process the active profiles.  Soon after password expiration, this repeated trying will cause the DIP connector to exceed the max grace logins allowed and consequently the account is locked.

A view of the odisrv.trc file for each profile shows:

[LDAP: error code 49 - Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.]
Error in updating the status java.lang.NullPointerException
java.lang.NullPointerException
at oracle.ldap.odip.engine.AgentThread.updateExecStatus(AgentThread.java:542)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:192)

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms