Wednesday, December 5, 2012

Unlocking the account which shows as active in OIM and ODSM


OIM and ODSM both show the account status as active and unlocked, but the account is actually locked. To verify this, navigate to the user account in ODSM and look at two parameters: oblockouttime and oblogintrycount.
If oblockouttime has a value in it, the account is locked.

Scenario
When we try to log in to Fusion Applications, it gives an error and redirects to the forgot password page.
We check the account status in OIM and the account is locked. We unlock the account and reset the password in OIM, then check the Fusion Applications login again.
But the Fusion Applications login through OAM SSO still fails and redirects to the forgot password page.
In that case, follow these steps to unlock the account in ODSM.

Step 1 

Log in to Fusion Applications.
It shows a message that the account is locked and says to use the forgot password utility.

Step 2

Unlock the user account in OIM
Log in to OIM as an admin user, navigate to the Administration tab and search for the user name whose account is locked. Unlock the account by clicking the unlock account symbol at the top.


Step 3

Reset the password for the account


We can reset the password manually or use a system-generated password. The new password is sent to the end user by email if we select the check box to email the password to the user.
The notification template for the password reset: [reset password]


Once the new password is created, run the LDAP sync process.

Step 4

Run the LDAP User Create and Update Reconciliation job from OIM
Navigate to the Advanced tab in OIM and select Scheduled Jobs.
In Scheduled Jobs, search for Ldap* and you will find all the LDAP-related scheduled processes. Run the job.


Step 5

Check again in Fusion Applications. The user is still not able to log in to Fusion Applications and gets the same error.
Check the status of the account in ODSM and OIM. Both consoles show the account as active.

Check the account status in the OIM


Check the Account status in the ODSM

In both OIM and ODSM the account is unlocked, but we get the locked message when we try to log in from Fusion Applications.

Step 6

We need to check two parameters in ODSM to confirm whether the account is locked or not:

[1] oblockouttime
[2] oblogintrycount
These are the two parameters we need to check for the account status.

If a value is present for oblockouttime, the account is locked.


Lock and unlock the account in OIM and check the value of oblockouttime.
Once the account is locked and unlocked, the value present in oblockouttime should be erased.
If the value is still not erased, we need to manually remove the values for the two parameters: remove the value from oblockouttime and change oblogintrycount to 0.
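
The Step 6 check can also be run over an LDIF export instead of clicking through ODSM. The following is an added example, not from the original post: it parses LDIF, flags entries where oblockouttime still holds a value, and builds the LDIF change record that removes oblockouttime and sets oblogintrycount to 0. The DNs, attribute values and function names are constructed for illustration; the resulting change record is what a tool such as ldapmodify would take as input.

```python
# Constructed sample: LDIF as a search for the two attributes might return it.
SAMPLE_LDIF = """\
dn: cn=jdoe,cn=Users,dc=example,dc=com
oblockouttime: 1354700000
oblogintrycount: 5

dn: cn=asmith,cn=Users,dc=example,dc=com
oblogintrycount: 0

dn: cn=bkhan,cn=Users,dc=exa
 mple,dc=com
obLockoutTime: 1354703600
obLoginTryCount: 3
"""

def parse_ldif(text):
    """Return one {lowercased attribute: [values]} dict per LDIF entry."""
    entries, current = [], {}
    unfolded = text.replace("\n ", "")  # undo LDIF line folding
    for line in unfolded.splitlines() + [""]:
        if line.startswith("#"):
            continue
        if not line.strip():  # blank line ends an entry
            if current:
                entries.append(current)
            current = {}
            continue
        name, _, value = line.partition(":")
        current.setdefault(name.strip().lower(), []).append(value.strip())
    return entries

def is_locked(entry):
    """The page's rule: a value in oblockouttime means the account is locked."""
    return any(entry.get("oblockouttime", []))

def unlock_ldif(entry):
    """Change record: remove oblockouttime and set oblogintrycount to 0."""
    return "\n".join([
        "dn: " + entry["dn"][0], "changetype: modify",
        "delete: oblockouttime", "-",
        "replace: oblogintrycount", "oblogintrycount: 0", "-", ""])

def stale_locks(text):
    """Entries that still carry a lockout timestamp."""
    return [e for e in parse_ldif(text) if "dn" in e and is_locked(e)]

if __name__ == "__main__":
    for entry in stale_locks(SAMPLE_LDIF):
        print(unlock_ldif(entry))
```

Attribute names are matched case-insensitively, and an oblockouttime attribute that is present but empty is treated as not locked.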

Step 7

Run the Retrieve Latest LDAP Changes process from Fusion Applications

Navigate to the scheduled processes in Fusion Applications, select the Retrieve Latest LDAP Changes process and run it.

Select the process from the Schedule New Process tab

Run the process as soon as possible


Check that the process has executed successfully

Output of the process

Starting User Sync
Number of users returned from ldap: 185
User Sync Ended: New User Count = 2, Updated User Count =5
Starting Roles Sync
Number of roles returned from ldap for lang US: 500
Role Sync Ended: New Role Count = 2, Updated Role Count =0
Starting User Role (Granted Roles) Sync
Total Number of Granted Roles were modified = 3

Now try to log in to Fusion Applications as the affected user, and the user will be able to log in.
