How to unlock an user in Oracle Access Manager manually

I am excited to write my 100th post on this site. I took long time to write a post here and came up with a good one finally, well I think so!! This is about OAM 10g.  

It is very important for an OAM administrator to know how to unlock an user account in Oracle Access Manager 10g. There are 2 ways of doing it:

1. Automatic approach: The user account will get unlocked automatically after the lockout period.

2. Manual approach: This will encounter in Help Desk Calls. OAM Administrator is asked to unlock account manually.

I am going to talk about the Manual approach in this post. I will cover the configuration part and then unlocking process.

There are 3 attributes responsible for unlocking account in OAM: oblogintrycount, oblastloginattemptdate and oblockouttime.

All the above 3 attributes belong to one objectclass :  oblixpersonpwdpolicy

I am assuming that the objectclass oblixpersonpwdpolicy is already present in OAM and hence going to discuss about configuring attributes. I am going to show configuring an attribute oblastloginattemptdate in OAM Identity Console and the same process applies for other two attributes.

Select the attribute from Attribute column and specify the Display Name, Display Size, Text Size, Text Length.

Next step is to add the attribute in User Panels as shown below.

Save the configuration.

We are done with configuration.

It is just a two step process to unlock account. We have to search for locked user either in OAM Identity Console or in LDAP browser for three attribute values as shown in the screenshot below.

The 3 attribute values has to be deleted from the user Profile as shown below.

Task is completed. User will be able to login to the application with correct password (if known).

Referred material:

Metalink note: 314849.1

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

Not found