1. 首頁
  2. 問答
  3. 使用訪問策略爲用戶配置Active Directory帳戶時出錯

使用訪問策略爲用戶配置Active Directory帳戶時出錯

2016-11-10 43 views
1

您好我的OIM11gR2PS3環境安裝了Active Directory 11.1.6.0.0 Connector配置。我們擁有附加到AD資源的密碼策略。使用訪問策略爲用戶配置Active Directory帳戶時出錯

早期用戶正在配置AD帳戶。但是從過去幾天在OIM AD帳戶中創建用戶的基礎上不在捆綁帳戶選項卡中看到。我檢查了它正確配置的訪問策略。用戶在角色成員的基礎上也獲得了正確的角色。

我檢查從OIM服務器OIM-server1的-dignostic.log文件,發現下面的堆棧跟蹤:

oracle.iam.platform.kernel.EventFailedException: An error occurred in oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler while provisioning resource 47,709 to user 13 and the cause of error is An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/provision while provisioning application instance with key 0 to user with name 1161546 the cause of error is oracle.iam.provisioning.exception.GenericProvisioningException: DOBJ.USR_PASSWORD_DOES_NOT_MATCH_POLICY: H: Password Does Not Satisfy Policy: Max. Number of unicode characters=0 : Max. Number of unicode characters=0.. 
    at oracle.iam.accesspolicy.impl.util.AccessPolicyUtil.createEventFailedException(AccessPolicyUtil.java:289) 
    at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:167) 
    at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:70) 
    at oracle.iam.platform.kernel.impl.OIMEvent.executeHandlers(OIMEvent.java:214) 
    at oracle.iam.platform.kernel.impl.MonitoredOIMEvent.invokeExecuteHandler(MonitoredOIMEvent.java:99) 
    at oracle.iam.platform.kernel.impl.MonitoredOIMEvent.executeHandlers(MonitoredOIMEvent.java:69) 
    at oracle.iam.platform.kernel.impl.OIMEvent.execute(OIMEvent.java:157) 
    at oracle.iam.platform.kernel.impl.ProcessImpl.executeStage(ProcessImpl.java:223) 
    at oracle.iam.platform.kernel.impl.OIMProcess.doStageExecution(OIMProcess.java:62) 
    at oracle.iam.platform.kernel.impl.ProcessImpl.execute(ProcessImpl.java:182) 
    at oracle.iam.platform.kernel.impl.MonitoredOIMProcess.execute(MonitoredOIMProcess.java:33) 
    at oracle.iam.platform.kernel.impl.Utils.manageSyncProcessing(Utils.java:73) 
    at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask$2.execute(OrchestrationAsyncTask.java:101) 
    at oracle.iam.platform.kernel.impl.Utils.executeInContext(Utils.java:60) 
at oracle.iam.platform.kernel.impl.Utils.executeInContext(Utils.java:46) 
    at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask.executeInOrchContext(OrchestrationAsyncTask.java:97) 
    at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask.execute(OrchestrationAsyncTask.java:74) 
    at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:99) 
    at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:69) 
    at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68) 
    at sun.reflect.GeneratedMethodAccessor3329.invoke(Unknown Source) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:606) 
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) 
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) 
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) 
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) 
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131) 
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119) 
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) 
    at com.sun.proxy.$Proxy647.onMessage(Unknown Source) 
    at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:583) 
    at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:486) 
    at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:388) 
    at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4817) 
    at weblogic.jms.client.JMSSession.execute(JMSSession.java:4491) 
    at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3945) 
    at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115) 
    at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5337) 
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:550) 
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263) 
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221) 
    Caused by: oracle.iam.provisioning.exception.GenericProvisioningException: An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/provision while provisioning application instance with key 0 to user with name 1161546 the cause of error is oracle.iam.provisioning.exception.GenericProvisioningException: DOBJ.USR_PASSWORD_DOES_NOT_MATCH_POLICY: H: Password Does Not Satisfy Policy: Max. Number of unicode characters=0 : Max. Number of unicode characters=0. 
    at oracle.iam.provisioning.util.ProvisioningUtil.throwGenericProvisioningException(ProvisioningUtil.java:258) 
    at oracle.iam.provisioning.spi.DOBProvisioningMechanism.provision(DOBProvisioningMechanism.java:548) 
    at oracle.iam.provisioning.impl.ProvisioningServiceImpl.provision(ProvisioningServiceImpl.java:547) 
    at sun.reflect.GeneratedMethodAccessor3355.invoke(Unknown Source) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:606) 
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) 
    at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:35) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) 
    at com.sun.proxy.$Proxy609.provision(Unknown Source)at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:164) 
    ... 42 more

任何幫助,在最早的將是有益的。

來源

2016-11-10 varpekv

回答

1

錯誤是由於連接到AD資源的密碼策略造成的。有密碼策略配置,其中某人修改了最大的Unicode字符數爲0.由於AD配置失敗,因爲系統無法根據密碼策略驗證用戶的密碼。

我已將最大數量的unicode字符設置爲空白。試圖將AD帳戶配置給用戶時,它已成功完成。

謝謝

來源

2016-11-12 16:27:42 varpekv

相關問題

 相關問題