Provisioning Users from OID to Apps Returns Log Error: "gsl_pwdexpired_excp:" Your Password Has Expired ORA-31202 | Creating or Updating EBS Users Fails with: ORA-20001: The LDAP APPS DN **<apps DN>** password has expired. (Doc ID 401836.1)

Last updated on MARCH 13, 2017

Applies to:

Oracle Internet Directory - Version 10.1.2 to 11.1.1 [Release 10gR2 to 11g]
Oracle E-Business Suite Technology Stack - Version 11.5.0 and later
Information in this document applies to any platform.


When attempting to provision users from OID to Apps (eBusiness Suite), getting the following errors in the (DIP 10g) <profile-name>.aud log file:

Gsl_pwdexpired_excp: your password has expired ora-31202
STATUS MSG : ORA-31202: DBMS_LDAP: LDAP client/server error: Invalid
. Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired.
Please contact the Administrator to change your password.
Mon Dec 04 11:34:41 EST 2006 - Audit Log End
Mon Dec 04 11:35:41 EST 2006 - Audit Log Start

Or, creating new users or update existing user's information in EBS when the provisioning profile setup is enable, it returns:

Unable to call fnd_ldap_wrapper.update_user due to the
following reason:
oraclecontext,dc=mycompany,dc=com** password has expired.
Please contact the Administrator to change APPS DN
password.. (USER_NAME=MYUSER)

For DIP 11g, similar errors occur in the DIP wls_ods1-diagnostic.log.

Additional symptoms:

- Creating an external customer user for iSupport, the following error appears:
Internal Error. Cannot complete Request. Please contact your System Administrator for Help.

Higher debugging reveals the underlying error returned from OID as:

- Testing with ldapcompare command line fails:





Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms