OID Accounts Cannot be Unlocked by the Users with "Allow account management" Privilege
(Doc ID 455442.1)
Last updated on AUGUST 26, 2022
Applies to:
Oracle Internet Directory - Version 10.1.2 to 10.1.4 [Release 10gR2 to 10gR3]Information in this document applies to any platform.
Symptoms
Creating a user and assigning it "Allow account management" privilege, the locked users cannot be unlocked using the Unlock button from OIDDAS.
Displays an error like: "User <user> could not be unlocked"
LDAP trace logs show:
BEGIN
2007/08/21:15:19:48 * ServerWorker (REG):4 * ConnID:12 * OpId:58 * OpName:modify
INFO : gslfmeADoModify: dn = cn=testlock,cn=users,dc=company,dc=com
15:19:48 * gslfmeADoModify: dn (cn=testlock,cn=users,dc=company,dc=com)
15:19:48 * gslfmeADoModify: modifications:
15:19:48 * add: orclpwdaccountunlock
...
5:19:48 * gslfacZEvaluate_Attributes: Operation id:(58) Enforcing Server Default Access Policy
15:19:48 * gslfacZEvaluate_Attributes:Operation id:(58) Attribute Access to entry (cn=testlock,cn=users,dc=company,dc=com) not allowed
15:19:48 * gslfacDAclCheckMods: Access to attributes not allowed
15:19:48 * INFO : gslfrsASendLdapResult2 RESULT = 50 nentries=0
END
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |