We weren't able to login to WebCenter Portal which uses OID as the Authentication store today.
On investigation we found out that the superuser orcladmin account was itself locked.
Note -
1.There are 2 orcladmin accounts: the superuser account, cn=orcladmin, and the REALM administrator cn=orcladmin, for example: cn=orcladmin,cn=users,dc=oracle,dc-com.
2. The superuser account is hard coded and is not seen in the Oracle Directory Manager (ODM), nor the Oracle Directory Services Manager (ODSM) in 11g.
Following commands* executed from a command line tool helped to fix this issue -
Post this, you would need to login to ODSM, go to Data Browser tab and change the password for cn=orcladmin,cn=Users,dc=<companyName>,dc=com and change the password which in all probability might have expired as well.
On investigation we found out that the superuser orcladmin account was itself locked.
Note -
1.There are 2 orcladmin accounts: the superuser account, cn=orcladmin, and the REALM administrator cn=orcladmin, for example: cn=orcladmin,cn=users,dc=oracle,dc-com.
2. The superuser account is hard coded and is not seen in the Oracle Directory Manager (ODM), nor the Oracle Directory Services Manager (ODSM) in 11g.
Following commands* executed from a command line tool helped to fix this issue -
export
ORACLE_HOME=/u01/app/oracle/middleware/Oracle_IDM1/
export
ORACLE_INSTANCE=/u01/app/oracle/admin/OID_Domain/oid_inst_2/
cd
/u01/app/oracle/middleware/Oracle_IDM1/ldap/bin
>./oidpasswd connect=OIDDB
unlock_su_acct=true #find connect string from #/u01/app/oracle/admin/OID_Domain/oid_inst1/config/tnsnames.ora
OID DB user password:<ODS Schema pwd>
*This is just a representation of what i had to do in my environment to fix this.
Atul Kumar's post here also helps with similar issues.
To change password policies have a look at this Oracle Doc
To change password policies have a look at this Oracle Doc
