OUD 12c - New Password Policy is not Assigned Correctly for User Accounts Existing in Sub-container
(Doc ID 2702255.1)
Last updated on SEPTEMBER 28, 2023
Applies to:
Oracle Unified Directory - Version 12.2.1.4.0 and laterInformation in this document applies to any platform.
Symptoms
Customer created a new virtual attribute to assign a new password policy to accounts existing in a child container which at the parent container level, has a separate virtual attribute to assign a different password policy.
It is not getting assigned to the mentioned accounts.
Reproduction setup:
- Parent OU virtual attribute
./dsconfig -h OUD_HOST -p PORT -D "ROOT_DN" -X create-virtual-attribute --type user-defined
--name "NAME1" --set attribute-type:ds-pwp-password-policy-dn
--set conflict-behavior:real-overrides-virtual --set
value:"PASSWORD POLICY DN1" --set
base-dn:"CONTAINER_DN" --set
filter:"(FILTER)"
- Sub OU Virtual attribute
./dsconfig -h OUD_HOST -p PORT -D "ROOT_DN" -X create-virtual-attribute --type user-defined
--name "NAME2" --set attribute-type:ds-pwp-password-policy-dn
--set conflict-behavior:real-overrides-virtual --set
value:"PASSWORD POLICY DN2" --set
base-dn:"SUB_CONTAINER_DN" --set
filter:"(FILTER)"
- Sub OU incorrect password policy assigned
./ldapsearch -h OUS_HOST -p PORT -D "ROOT_DN" -b "SUB_CONTAINER_DN"
-s sub "FILTER" +
dn: ENTRY_DN
ds-pwp-password-policy-dn: "PASSWORD POLICY DN1"
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |