
OIM Active Directory Connector - Patch to Enforce "Password History" functionality from Target System (Doc ID 2758860.1)

Last updated on MARCH 11, 2021

Applies to:

Identity Manager Connector - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Goal

The Active Directory target is set up with the "Enforce Password History" password policy, under which a specific number of previously used passwords cannot be reused.

OIM AD connector 11.1.1.6.0 is set up with this target. When end users change the password for a provisioned account, the password history check is not honored: old passwords are still propagated to the target from OIM through the connector.

Steps that will show this issue:

1. Set up the OIM AD Connector with the target.

2. Provision the account to an end user.

3. Verify "Enforce Password History" password policy is set up on target.

4. Change the password for the end user account and reuse one of the old passwords.

5. Observe it is accepted by OIM and sent to the target without any password history check.

6. Enable the "IsPasswordHistoryCheckEnabled" configuration and set it to True; the same issue is still seen.


 

Solution

To view full details, sign in with your My Oracle Support account.
