When you enable LDAPSync in OIM 11g (more on LDAPSync here, here, and here; LDAPSync is mandatory to integrate OIM with OAM for SSO), users updated in LDAP (OID) are synced to OIM by the scheduled task “LDAP User Create and Update Reconciliation”.
When a user types a wrong password 5 times on the OAM or OAAM login screen (for the OAAM login flow when integrated with OAM using TAP, click here), the user's account is locked in OAM (more on account lockout here and here) by updating the attributes obLoginTryCount and obLockOutTime. When the account is locked in OAM, these attributes should update the Account Lock/Unlock button in OIM. (If you see the Unlock Account button, the account is locked in OIM.)
If Account Lock is not working in OIM or the user is not synced, check the “Last Change Number” of the job “LDAP User Create and Update Reconciliation”. If you see the value 999 and this value doesn’t change with the next run of the job (the job is scheduled to run every 5 minutes), check the last change log number in LDAP (OID).
- For steps on how to find the latest change number from OID, click here, then update this number in the scheduled task.
From now on, every account locked in OAM (via the attribute obLoginTryCount) should lock the account in OIM. When an administrator clicks the Unlock button in OIM, it should unlock the account in OAM (reset obLoginTryCount and obLockOutTime to null in LDAP/OID).
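The check described above, as an added example that is not part of the original post: it parses saved ldapsearch (LDIF) output from OID, compares the job's Last Change Number with the latest one in OID, and lists accounts carrying obLockOutTime that OIM does not show as locked. The sample LDIF, the DNs and every number except 999 are constructed, and reading the value from a `lastchangenumber` attribute on the OID root DSE is an assumption, since the post leaves that step to a linked page.

```python
import re

# Constructed sample data: saved ldapsearch (LDIF) output from OID.
ROOT_DSE_LDIF = "dn:\nlastchangenumber: 48213\n"  # attribute name is an assumption
USERS_LDIF = """\
dn: cn=jdoe,cn=Users,dc=example,dc=com
uid: jdoe
obLoginTryCount: 5
obLockOutTime: 1339510000

dn: cn=asmith,cn=Users,dc=example,dc=com
uid: asmith
obLoginTryCount: 2

dn: cn=bking,cn=Users,dc=exam
 ple,dc=com
uid: bking
obLoginTryCount: 5
obLockOutTime: 1339512345
"""

def parse_ldif(text):
    """Return one {attribute: [values]} dict per entry (names lower-cased)."""
    unfolded = text.replace("\n ", "")  # LDIF continues long lines with a leading space
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            if line and not line.startswith("#"):
                name, _, value = line.partition(":")
                entry.setdefault(name.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def oid_last_change_number(root_dse_ldif):
    return int(parse_ldif(root_dse_ldif)[0]["lastchangenumber"][0])

def job_is_stalled(before, after, oid_value):
    """The job's Last Change Number did not move across a run and does not
    match the latest change number in OID."""
    return before == after and after != oid_value

def locked_in_oam_not_oim(users_ldif, oim_locked_logins):
    """uids with obLockOutTime set in OID that OIM does not show as locked."""
    locked = {e["uid"][0] for e in parse_ldif(users_ldif)
              if any(e.get("oblockouttime", []))}
    return sorted(locked - set(oim_locked_logins))

if __name__ == "__main__":
    oid = oid_last_change_number(ROOT_DSE_LDIF)
    if job_is_stalled(999, 999, oid):  # 999 seen on two consecutive runs
        print("job stalled; latest change number in OID is", oid)
    print("locked in OAM but not in OIM:", locked_in_oam_not_oim(USERS_LDIF, ["bking"]))
```

A job value that stays put while matching OID's number only means nothing has changed in the directory, which is why the stall test requires both conditions.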