Thursday 11 May 2017

How to Reset the User Password for orcladmin in OID 10g


To unlock/reset the SSO orcladmin user account using command-line tools, perform the following steps:

1. On the OID machine, set the environment as follows:

export ORACLE_HOME=/u01/app/oracle/product/idm
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH

2. In a working directory on the OID server, create a file named changepwd.ldif containing the following 4 lines:

dn: cn=orcladmin,cn=Users,dc=icici,dc=gld,dc=gov,dc=au
changetype: modify
replace: userPassword
userPassword: fa1rplay


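3. Implement the password reset by running the command below. The -D and -w options are the bind DN and password of the OID superuser; the userPassword value in changepwd.ldif is the new password for the SSO orcladmin user.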

$ORACLE_HOME/bin/ldapmodify -p 389 -D "cn=orcladmin" -w welcome1 -v -f changepwd.ldif
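
An added example (not part of the original post or of Oracle's tooling) for step 2: it writes changepwd.ldif with owner-only permissions and base64-encodes the password when it cannot be written as a plain LDIF value. The function names are hypothetical, the sample passwords in use are constructed, and the base64 utility is assumed to be installed.

```sh
#!/bin/sh
# Added example: helper names are hypothetical, not Oracle tooling.
USER_DN="cn=orcladmin,cn=Users,dc=icici,dc=gld,dc=gov,dc=au"   # DN from step 2

# ldif_safe VALUE: true if VALUE may be written as plain "attr: value".
# Conservative reading of RFC 2849: printable ASCII only, no leading
# space, colon or '<', no trailing space, not empty.
ldif_safe() {
    case "$1" in
        ''|' '*|':'*|'<'*|*' ') return 1 ;;
    esac
    # Count bytes outside the printable ASCII range (newlines included).
    [ $(printf '%s' "$1" | LC_ALL=C tr -d ' -~' | wc -c) -eq 0 ]
}

# make_changepwd_ldif DN NEW_PASSWORD OUTFILE
# Writes the four-line modify record from step 2, readable by owner only.
make_changepwd_ldif() {
    (
        umask 077            # new file is created mode 0600
        rm -f "$3"           # never reuse a file with looser permissions
        {
            printf 'dn: %s\n' "$1"
            printf 'changetype: modify\n'
            printf 'replace: userPassword\n'
            if ldif_safe "$2"; then
                printf 'userPassword: %s\n' "$2"
            else
                # "::" marks a base64-encoded value in LDIF
                printf 'userPassword:: %s\n' \
                    "$(printf '%s' "$2" | base64 | tr -d '\n')"
            fi
        } > "$3"
    )
}

# Interactive use (not run automatically): prompt without echo, build file.
prompt_and_build() {
    printf 'New password for %s: ' "$USER_DN" >&2
    stty -echo; IFS= read -r newpw; stty echo; printf '\n' >&2
    make_changepwd_ldif "$USER_DN" "$newpw" changepwd.ldif
    unset newpw
    # Next: run the ldapmodify command from step 3, then rm -f changepwd.ldif
}
```

The -w option in step 3 still exposes the superuser password in the process list and shell history, so run it from a restricted session and clear the history entry afterwards.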

--------------------------------------------------------------------------------------------------------------------------

The orcladmin SSO user account can be unlocked by resetting the user password value in Oracle Internet Directory (OID) using the superuser orcladmin account.

NOTE: The orcladmin user used for SSO login and the superuser orcladmin user are DIFFERENT accounts. Logging in to SSO with the 'orcladmin' user ID logs in as the OID realm administrator account, not the OID superuser account.

A. To unlock the SSO orcladmin user account using the Oracle Directory Manager (oidadmin) GUI tool, perform the following steps:

1. On the OID machine, set the environment as follows:

export ORACLE_HOME=/u01/app/oracle/product/idm
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH

On Solaris, HP and AIX platforms, LD_LIBRARY_PATH should be set to include the 32-bit Oracle software libraries:

export LD_LIBRARY_PATH=$ORACLE_HOME/lib32:$LD_LIBRARY_PATH

2. Invoke the GUI Oracle Directory Manager (ODM) tool using the oidadmin executable.

$ORACLE_HOME/bin/oidadmin &

When prompted, connect to OID on the non-SSL port.
Use the OID superuser credentials, i.e. cn=orcladmin.

3. When the ODM window is displayed, in the left-hand navigator tree expand the following:

Entry Management
       your_realm                  -- e.g. dc=com then dc=oracle
            cn=Users

Under the cn=Users entry, locate the orcladmin user entry and click ON that entry.

Note: if expanding cn=Users causes a search sizelimit exceeded error, click ON the cn=Users entry then use the Search tab in the right-hand frame to locate the orcladmin user entry and edit it.


4. When the details for the orcladmin user are displayed in the right-hand frame, scroll down to locate the "userpassword" attribute field.

Type the required password in the userpassword attribute field and click Apply.
