Password Changes Fail In OAM - Oracle Virtual Directory - Active Directory Environment (Doc ID 786332.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Identity - Version: 10.1.4 and later [Release: 10g and later]
Information in this document applies to any platform.
Checked for relevance on 06-MAY-2011

Symptoms

Environment

Oracle Access Manager (OAM) is configured with Oracle Virtual Directory (OVD) / Data AnyWhere as the user data store.

The OAM user and group objectclasses for configuration with OVD have been specified as 'User' and 'Group', to correspond with the backend Active Directory user and group objectclasses. The OVD schema has been extended with the User and Group objectclasses to allow this OAM configuration.

The unicodePwd attribute has been configured as the user password attribute in the Identity System objectclass configuration, i.e. the Password syntax has been assigned to the attribute.

Problem

OAM Lost Password Management fails with the following error when the new password is submitted:

The Directory Server password syntax was violated. The password cannot be changed.

Attempts to change a user password in User Manager also fail with error 'Operation not supported'.

The Identity Server debug log (oblog.log) shows LDAP error code 53 and the message "Operation will affect RDN of entry and the operation is not supported":

2009/02/03@04:12:16.677000 6892 5248 LDAP DEBUG3 0x00000201
\Oblix\10142hf\np_common\db\ldap\util\ldap_util3.cpp:1623 "ldap_parse_result of Modify operation" ld handle^0x0F06FE40 result^0x0E7A5350 modify entry^CN=user1,OU=Users,DC=AD,DC=COM LDAP modify operation status code^53
Additional error message^LDAP Error 53 : [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0%0a freeit^0 parse_rc^0
2009/02/03@04:12:16.677000 6892 5248 DB_RUNTIME TRACE 0x00000204
\Oblix\10142hf\np_common\db\ldap\util\ldap_util3.cpp:1692 "Function exited" _TraceName^LDAPAsyncModify _TraceDuration^0.014829 retCode^53
2009/02/03@04:12:16.677000 6892 5248 DB_RUNTIME WARNING 0x00000010
\Oblix\10142hf\np_common\db\ldap\util\ldap_util.cpp:1788 "Operation will affect RDN of entry and the operation is not supported" dn^CN=Crask\, Don,OU=Users,OU=LVL,OU=AIT,OU=US,DC=AVD,DC=GLOBAL
2009/02/03@04:12:16.677000 6892 5248 DB_RUNTIME WARNING 0x00000504
\Oblix\10142hf\np_common\db\ldap\util\ldap_util.cpp:1832 "Exception during DB runtime code" function^ModifyDBEntryEx() dn^CN=user1,OU=Users,DC=AD,DC=COM 
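To locate every failed modify in a large oblog.log, the records can be grouped and filtered as in the following added example, which is not part of the Oracle document. It assumes the third header column is a thread id and that records sharing a timestamp and thread id belong to one operation; the "Doe\, Jane" DN and the retCode^0 record in the sample are constructed.

```python
import re

HEADER = re.compile(r'^(\S+@\S+) (\d+) (\d+) (\S+) (\S+) (0x[0-9A-Fa-f]+)\s*$')
STATUS = re.compile(r'(?:status code|retCode)\^(\d+)')
AD_ERR = re.compile(r'problem (\d+) \((\w+)\)')
# RDN values may hold spaces and escaped commas; the last RDN is assumed to hold neither.
DN = re.compile(r'(?:modify entry|dn)\^((?:\w+=(?:\\.|[^,\\^])*,)*\w+=[^\s,]+)')

# Abridged from the excerpt above; the "Doe\, Jane" DN and the retCode^0 record are constructed.
SAMPLE = r'''2009/02/03@04:12:16.677000 6892 5248 LDAP DEBUG3 0x00000201
\Oblix\10142hf\np_common\db\ldap\util\ldap_util3.cpp:1623 "ldap_parse_result of Modify operation" modify entry^CN=user1,OU=Users,DC=AD,DC=COM LDAP modify operation status code^53
Additional error message^LDAP Error 53 : [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
2009/02/03@04:12:16.677000 6892 5248 DB_RUNTIME WARNING 0x00000010
\Oblix\10142hf\np_common\db\ldap\util\ldap_util.cpp:1788 "Operation will affect RDN of entry and the operation is not supported" dn^CN=Doe\, Jane,OU=Users,DC=AD,DC=COM
2009/02/03@04:12:18.000000 6892 5300 DB_RUNTIME TRACE 0x00000204
\Oblix\10142hf\np_common\db\ldap\util\ldap_util3.cpp:1692 "Function exited" _TraceName^LDAPAsyncModify retCode^0
'''

def parse_records(text):
    """Attach each detail line to the header line that precedes it."""
    records = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            ts, _pid, tid, module, level, _code = m.groups()  # column meanings assumed
            records.append({"ts": ts, "tid": tid, "module": module, "level": level, "detail": ""})
        elif records:
            records[-1]["detail"] += line + "\n"
    return records

def failed_modifies(text):
    """Merge records sharing timestamp and thread id; keep groups with a non-zero LDAP result."""
    groups = {}
    for rec in parse_records(text):
        g = groups.setdefault((rec["ts"], rec["tid"]),
                              {"ts": rec["ts"], "ldap_code": 0, "ad_problem": None, "dns": set()})
        if (m := STATUS.search(rec["detail"])):
            g["ldap_code"] = g["ldap_code"] or int(m.group(1))
        if (m := AD_ERR.search(rec["detail"])):
            g["ad_problem"] = (int(m.group(1)), m.group(2))
        g["dns"].update(DN.findall(rec["detail"]))
    return [g for g in groups.values() if g["ldap_code"] != 0]

if __name__ == "__main__":
    for g in failed_modifies(SAMPLE):
        print(g["ts"], "LDAP result", g["ldap_code"], g["ad_problem"], sorted(g["dns"]))
```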



Cause
