OSR 11g : Account Management failed with Error ” Initialization of accounts has failed contact the administrator of the registry”

.
Steps to replicate Issue :

1. Login to OSR (Oracle Service Registry) 11g Control http://servername:7101/registry/uddi/web  (7101 is default port for OSR 11g deployed on WebLogic Server)
2. Click on Registry Management -> Click on Account Management
_________________________________

Initialization of accounts has failed. For help please contact the administrator of the registry.
____________________________________

.

.

Setup:
OSR 11g deployed on WebLogic Server with Oracle Database as database repository and Integration with LDAP (OID) as Authentication Provider.  For list of supported Application Servers and database for OSR 11g check my post here

.

Possible Reasons for this issue

1.Unable to connect to OSR repository (Database) from applications server (WebLogic in my case)
2. If you have integrated OSR with LDAP server (OID, AD, Sun Directory) for authentication then there could be conflict with ADMIN user in OSR and similar user in LDAP Server.
3. Unable to connect to OID (LDAP) server

.

Where are logs in OSR

There are two main logs install time log ($INSTALL_DIR/log – install.log & setup.log) and run time log (depending on application server on which you deploy OSR). For OSR 11g deployed on WebLogic logs will be at following locations

a)$DOMAIN_HOME/ servers/ osr_server1/ logs/
b)$DOMAIN_HOME/ servers/ osr_server1/ tmp/ _WL_user/ registry/ [random_number]/ public/ serviceRegistry_errorEvents.logserviceRegistry_logEvents.log

Error in serviceRegistry_errorEvents.log

Checked in logs and following was recorded in Service Registry Error Event Log
_______________

<2010-03-19 08:55:47,778> – <ID1279526140038> <ERROR> <USR4023> account.com.systinet.uddi.account.ldap.LdapBackendImpl – It is impossible to open connection to LDAP server. – EXCEPTION: javax.naming.OperationNotSupportedException: [LDAP: error code 53 – Password Policy Error :9001: cn=orcladmin : Your account is locked. Contact your OID administrator.] javax.naming.OperationNotSupportedException: [LDAP: error code 53 – Password Policy Error :9001: cn=orcladmin : Your account is locked. Contact your OID administrator.]ERROR: com.systinet.uddi.webui.WebUIRawService – Web Framework exception  EXCEPTION: com.systinet.uddi.webui.WebUIException: (18003) UDDI error occurred. javax.servlet.ServletException: com.systinet.uddi.webui.WebUIException: (18003) UDDI error occurred.
        at com.systinet.webfw.servlet.WebFilterChain.doFilter(WebFilterChain.java:42)
ERROR: com.systinet.uddi.webui.WebUIRawService –
EXCEPTION: Initialization of accounts has failed. For help please contact the administrator of the registry.
____________________
.

Issue Verification

As per logs it was clear that user cn=orcladmin(used for OSR integration ) was locked. To verify I executed ldapbind on OID server.

$ORACLE_HOME/bin/ldapbind -p 389 -D cn=orcladmin -w [orcladmin_password]

ldap_bind: DSA is unwilling to perform
ldap_bind: additional info: Password Policy Error :9001: cn=orcladmin : Your account is locked. Contact your OID administrator.

 

.

Unlock Superuser (cn=orcladmin) in OID using oidpasswd 

OIDPASSWDis command to unlock or reset super user (cn=orcladmin) account in OID. More information here

 Run below command in OID node

export ORACLE_INSTANCE=/u01/oracle/fmw11g/oid1
export ORACLE_HOME=/u01/oracle/fmw11g/Oracle_IDM1
$ORACLE_HOME/ldap/bin/oidpasswd connect=[tns_alias] unlock_su_acct=true

.
OIDPASSWD failed

OIDPASSWD command failed with below error

ERROR * gsldpuUnlockSuAccount * ORA-12154:ORA-12154: TNS:could not resolve the connect identifier specified
 encountered Error in unlocking OID super user account.

 I got similar error even after creating tnsalias in $ORACLE_HOME/network/admin/tnsnames.ora.  Finally I found Oracle Support note 882360.1 which suggested that in 11g OID, tns alias is picked up from $ORACLE_INSTANCE/config/tnsnames.ora

Finally issue fixed by “unlocking orcladmin account and restarting WebLogic Server Managed Server (osr_server1) hosting OSR”.

.
Related/References Oracle My Support Notes

  • 1051262.1  How To Find Oracle Service Registry Logs ?
  • 429021.1   FAQ : Oracle Service Registry
  • 434744.1   How To Clean Up A Failed Oracle Service Registry Installation
  • 551480.1   Oracle Service Registry org.systinet.uddi.account.AccountException: Initialization of Accounts has Failed 
  • 553846.1   Diagnosing ‘Initialization of Accounts’ errors between Oracle Service Registry and LDAP
  • 882360.1  OID 11g Database Tools (i.e, Catalog, Ldifwrite, Bulkload, Oidpasswd) Fail With “Unable to Connect to Database: Incorrect location for tnsnames.ora or Incorrect TNS Connect string or Invalid Password”

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

2 comments
Chrisz says September 9, 2010

Hi Atul,

I installed OSR 11g, got this error when tring to open in browser: http://localhost:7777/registry/uddi/web

In browser:

Error 500–Internal Server Error
From RFC 2068 Hypertext Transfer Protocol — HTTP/1.1:
10.5.1 500 Internal Server Error

The server encountered an unexpected condition which prevented it from fulfilling the request.

In console:

[oracle@app1arq2t jdk1.6.0_21]$ INFO: com.systinet.wasp.WaspImpl – Starting Systinet Server for Java/6.0 (Java/1.6.0_21; Linux/2.6.18-164.el5; build SSJ-6.0-20091204-1155)

My enviroment:

– Linux RedHat 5
– jdk1.6.0_21
– Oracle Database 11.2.0.1.0
+ ojdbc6.jar for DB 11.2
– Weblogic 10.3 x64
– OSR 11.1.1.2.0
+ Patch 9499508_111120_Generic

My Domain:

DOMAIN_HOME=”/oracle/middleware/user_projects/domains/app1arq2t”

/$DOMAIN_HOME/servers/AdminServer/…
/$DOMAIN_HOME/servers/osr_server1/tmp/_WL_user/registry/x9u4h5/…

Additionally in my Entreprise Manager the server AdminServer and osr_server1 are UP

anyone with idea please,… regards

Reply
Jide says February 4, 2012

Hii,

Please I encounter the orcladmin passwd lock prob. Ihave tried the following to no avail.

Oidpassword connect=Fidm@oid_inst1 unlock_su_acct=true
Oidpassword connect=oid_inst1 unlock_su_acct=true
Oidpassword connect=Fidm unlock_su_acct=true

Where Fidm=db sid
Oid_inst1=oracle instance

Reply
Add Your Reply

Not found