While creating user in Oracle Apps it's showing error that AppsDN password has been expired



The "AppsDN" user is a special administration account which eBiz uses to connect to OID for management and administrative tasks when integrating with OID/SSO. First check whether AppsDN password has been expired. To
check this first login to apps and check the following. 

Step 1
SQL> select fnd_preference.get('#INTERNAL', 'LDAP_SYNCH','USERNAME') from dual;

FND_PREFERENCE.GET('#INTERNAL','LDAP_SYNCH','USERNAME')
--------------------------------------------------------------------------------
orclapplicationcommonname=prod,cn=ebusiness,cn=products,cn=oraclecontext,dc=cloud,dc=com


Step 2
Check the current password of AppsDN in oracle apps R12.
select fnd_preference.eget('#INTERNAL', 'LDAP_SYNCH','EPWD','LDAP_PWD') Password from dual;


Step 3
Now use the information you gathered from Step 1 and Step 2 to check what is the issue with AppsDN user in Oracle OID. To check this use the following command.

$ORACLE_HOME/bin/ldapcompare -h -p  -D cn=orcladmin -w -b "orclapplicationcommonname=prod,cn=ebusiness,cn=products,cn=oraclecontext,dc=cloud,dc=com"  -a userpassword -v

For our case it has returned following error.
ldap_compare_s: Invalid credentials
ldap_compare_s: additional info: Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.


Solution

Step 4
To resolve this issue, login to "oidadmin" after setting proper env variable in OID. 

$ oidadmin

Navigate through the "Entry Management" tree to the appropriate context (the reversed path of the orclApplcationCommonName). Use the information you gathered from Step 1.
    for example 
        com, oracle, uk, OracleContext, Products, EBusiness, orclApplicationCommonName=VIS


Update the "userpassword" field for this entry. It can be set to the existing value.
Click the "Apply" button to save this change. This immediately stores the new password, so you can redo the "ldapbind" test and it will succeed this time.




Reference

How to check/change the eBiz AppsDN user password in AS10g OID (Doc ID 437697.1)




No comments :