Active Directory Password Sync Does not Work with Discovery Port Open in the Firewall
(Doc ID 742031.1)
Last updated on SEPTEMBER 22, 2023
Applies to:
Identity Manager Connector - Version 9.0.4 to 9.1.0.1 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
Active Directory (AD)
Firewalls
JBoss
Symptoms
The Active Directory (AD) Password Sync Module is installed on a Domain Controller (DC) that is protected by a firewall. When trying to change the password for a user on AD, ADPasswordSync starts and then fails to log in to the Oracle Identity Manager (OIM) Server running in the JBoss Application Server. The logs indicate that the OIM server is up and that the module tries to authenticate using the configured username/password, but the authentication does not succeed. The following error is seen in the log file:
Changes
A firewall was placed between the DC and the OIM Server to control network traffic, and the discovery port, for example, was not permitted in the firewall rules. Before this, Password Sync was working fine.
Cause