Hi Everyone!!
Here is a piece of information to unlock OID super user orcladmin.
One of my dba had tried too many times running ldapsearch with wrong password caused orcladmin account to be locked.
myhost> ldapsearch -h myhost.mydomain.com -p 389 -b cn=slakshma,cn=users,dc=mydoamin,dc= com -D cn=orcladmin -w secretpwd -s sub "objectclass=*"
ldap_bind: DSA is unwilling to perform
ldap_bind: additional info: Password Policy Error :9001: cn=orcladmin : Your account is locked. Please contact the Administrator.
myhost>
I ran oidpasswd utility from OID mid tier $ORACLE_HOME/bin
myhost> oidpasswd connect=OIDDB unlock_su_acct=true
OID DB user password:****
OID super user account unlocked successfully.
myhost>
After unlock I was successfully able to run ldapsearch command.
myhost> ldapsearch -h myhost.mydomain.com -p 389 -b cn=slakshma,cn=users,dc=mydomain,dc=com -D cn=orcladmin -w secretpwd -s sub "objectclass=*"
cn=slakshma, cn=users,dc=sun,dc=com
sn=lakshmanan
uid=SLAKSHMA@MYDOMAIN.COM
givenname=SURESH
description=SURESH LAKSHMANAN
mail=SLAKSHMA@MYDOMAIN.COM
orclactivestartdate=20071203000000z
orclisenabled=ENABLED
cn=SLAKSHMA@MYDOMAIN.COM
objectclass=orclUserProvStatus
objectclass=inetOrgPerson
objectclass=orclUserV2
objectclass=organizationalPerson
objectclass=top
objectclass=person
krbprincipalname=uid=slakshma@mydomain.com,ou=people,o=self_registered_users,dc=mydomain,dc=com
orcluserprovfailurecount;wireless_wireless=0
orcluserapplnprovstatusdesc;wireless_wireless=1244050432398_PROVISIONING_SUCCESSFUL
orcluserapplnprovstatus;wireless_wireless=PROVISIONING_SUCCESSFUL
myhost>
Subscribe to:
Post Comments (Atom)
12 comments:
very nice blog
it was impressive
:)
Suresh, oidpasswd will be there in $ORACLE_HOME/ldap/bin. You want to correct your post.
Indira.
Suresh,
Good job on maintaining the blog with good articles.
oidpasswd will be there in $ORACLE_HOME/ldap/bin. You want to correct your post.
Indira.
Suresh,
Good job on maintaining the blog with good articles.
oidpasswd will be there in $ORACLE_HOME/ldap/bin. You want to correct your post.
Indira.
Hi Indira,
Thanks for the comment.
sorry for the late reply. Had no access to internet. I will not be able to change the post as changing will cause another email to readers.
It is a good comment, it will be with comment section.
Thanks
Suresh
Hi Suresh,
Good job!!,... what happens if orcladmin becomes locked because some user is trying to connect n-times with orcladmin but with incorrect password?? How can stablish the IP of this computer (for cut one hand,...hahaha).
And how can disable "locked" parameter,... and disable the possibility of hand off my system.
Thanks... and Best Regards from Barcelona !!!
Mariola.
Hi Mariola,
thanks for the comment. good question !! allowing only few IP's for changing orcladmin password. I do not have answer, Oracle support should be able to give answer for that.
Thanks
Suresh
Hi, Very nice command
Hi all, regards from México, I have a question,
What OID DB user ??
Sys, system, other ??
Daniel,
it is OIDDB .
suresh
Thank you very much!
After unlocking the user (cn=orcladmin) using above steps, it is working fine but after 10 min automatically cn=orcladmin is getting locked.
Post a Comment