Skip to Main Content

OID 12c pwdaccountlockedtime attribute not updating on user lock.

USER_JOJul 2 2021

Hi All,
I have an OIM-OAM-OID 12c integrated environment with oracle database 12c.
The password policy checks for 5 invalid login attempts and on 5th invalid login attempt it locks the user in OAM, OIM and OID for 30 mins.
However, the user is locked and and cannot login but the "Unlock Account" button that is visible in OID once the user is locked is not appearing there. The most probable reason I found for this, is that the pwdaccountlockedtime* attribute in OID is not updating once the user is getting locked.
*(As per my finding, pwdaccountlockedtime is the attribute using which OID identifies a user account as locked or unlocked and accordingly shows "Unlock Account" button for the time duration which is set for the user to remain locked. Please correct me if I am wrong.)
But since this attribute is not updating, the user is treated as unlocked in OID and can log in even before the time limit of 30 mins with a correct password.
Please suggest as to what should be checked or modified for this attribute to be updated appropriately so the user lock and unlock flow works as expected.
@srinath-menon-oracle @sunilsharma @Sunil_Sharma

Thanks in advance.

Post Details
Added on Jul 2 2021