Locking a User in an Oracle Access Manager (OAM) / Oracle Identity Manager (OIM) Integration Environment with Oracle Unified Directory (OUD) after X Number of Unsuccessful Login Attempts From OAM sets obLockedOn with a Wrong timestamp Format
(Doc ID 2661659.1)
Last updated on JANUARY 19, 2022
Applies to:
Oracle Access Manager - Version 12.2.1.3.0 and laterIdentity Manager - Version 12.2.1.3.0 and later
Information in this document applies to any platform.
Symptoms
In an Oracle Access Manager (OAM) / Oracle Identity Manager (OIM) 12c integration after X unsuccessful login attempts (Out Of The Box 3) OAM locks the user in OUD
After the third wrong password the user does get locked in OUD and OAM redirects the user to the OIM lock page
To lock the user in OUD, OAM sets some attributes in the OUD user entry, one of them is obLockedOn
dn: <$DN>
....
middleName: XXX
oblockedon: 2020042117054208z
obpasswordchangeflag: false
sn: XXXX
oblogintrycount: 3
The oblockedon which stores the time the user was locked in UTC (Zulu) time use a wrong format, small z , instead of the correct LDAP timestamp format with a capital Z as defined in RFC 4519
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |