OAM/OIM schema passwords expired

I have OAM/OIM/ODSM 11g in my environment. While logging into sqlplus as ODS or OAM or OIM users it throws the error as shown in below screenshot.

So I have logged into DB as sys user and verified the status of ODS, OAM and OIM schema users. In my case, the schema users are ODS, DEV_OAM, DEV_OIM. Refer the below screenshot. It shows Account_status as expiry but in grace period.

So password policies has to be disabled. To do this execute the below SQL statement logging into SQL as SYS user:

ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS UNLIMITED PASSWORD_LIFE_TIME UNLIMITED PASSWORD_GRACE_TIME UNLIMITED; 

Enable the users by resetting their passwords using command

alter user dev_oam identified by admin123;

Execute the above statement for rest of users for which password is expired.

 

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

6 comments
Sid says December 21, 2012

Thanks a lot!!! This helped!!!

Reply
venkat28 says January 23, 2013

Hello Mahendra:

I am working in OAM. My OAM Schema password got expired and the DBA changed the password. I tried to update the new password via weblogic console in the datasource->connectionpool as well as the jdbc groups under security realms.

Now When I try to start the OAM Server I get the following error.

<Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.

Reply
    Atul Kumar says January 24, 2013

    @ Venkat ,
    What is version of OAM 111g R1 or 11gR2 ? Did he change all schema password in database or just for OAM ?

    What is policy store configured for weblogic domain where OAM is deployed ?

    Reply
Mahendra says January 23, 2013

venkat28 ,

can you try to execute this command:

chmod -R 777 /tmp

Reply
Abhinay says February 26, 2015

Hi. I have recently changed the DEV_OAM and DEV_OPSS db schema password by following the above command
alter user dev_opss identified by xxxxxxx;
alter user dev_oam identified by xxxxxxx;

Now when i am trying to restart the Weblogic Admin server and Managed server i am getting the below error
————————————————-
internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

Error Code: 1017 Feb 20, 2015 10:58:08 PM oracle.security.jps.internal.credstore.ldap.LdapCredentialStore init WARNING: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store. JPS-01055: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store. Error: Diagnostics data was not saved to the credential store. Error: Validate operation has failed. [oracle@oamps2 bin]$ [oracle@oamps2 bin]$ tail -f AdminServer.out [EL Severe]: 2015-02-20 22:46:27.246–ServerSession(899981417)–Exception [EclipseLink-4002] (Eclipse Persistence Services – 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

Error Code: 1017 Feb 20, 2015 10:46:27 PM oracle.security.jps.internal.credstore.ldap.LdapCredentialStore init WARNING: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store. JPS-01055: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store. Error: Diagnostics data was not saved to the credential store. Error: Validate operation has failed.

Need to do the security configuration first!
————————————————
can u please help me to resolve this

Reply
    Kirti says May 23, 2017

    Hi , Abhinav,
    I did the exact thing and am stuck with the same error. Could you tell me how you resolved it?

    Reply
Add Your Reply