Portal user got LOCKED GLOBALLY

How can we remove the lock on PORTAL30 user.
We entered the password wrong few times and it is locked globally. But we are now not able to enter and remove the lock.
Is there a way to remove the lock?
Thanks
Vikas

Please see the following post:
http://technet.oracle.com:89/ubb/Forum83/HTML/000015.html

Similar Messages

  • CUA SU10 issue with users getting locked

    I did some role change using SU10 on CUA central system for 200 users. 45 of the users got locked with global admin lock in the child system for which I made the role changes.  These user locks are shown in the child system change documents log as changes by the CUA RFC user. I have this problem everytime I use su10. Why does this happen?  What can I do about it? Thanks, KT

    Hi Todd,
    propably you have some inconsistencies in your landscape....
    the cause of such 'unwanted' effects is the fact that if you change a user in your CUA central system, the whole user information is picked, then edited with you changes and afterwards distributed to all child systems.
    So what I could imagine in your example is as follows:
    User has a global lock in central system already, the particular child system did not have that information (user is still unlocked there). Several causes are possible, for instance the lock idoc did not get processed, Child system was not available/connected to CUA when the lock had been set,......).
    At the next update of that user (assign a role), the lock information from the central system is pushed to that child.
    Why?
    Because the design is to assure data consistency between central and child system. Therefore all the user information from central system is pushed to child at any user change. (that is also why you will see in SCUL 3 idocs for each user change (also user and profile idocs are pushed, even if you have changed the role assignement only).
    So what you could check is, if that users got the lock flag (128) already in the past somewhen.
    b.rgds, Bernhard

  • How to force logout of portal user

    Hi all,
    we're currently facing trouble with portal users being "locked" in the portal. They are not locked in the ume sense, but when trying to logon they are only able to see navigation framework, and no content. The only content we're using in the portal is MSS/ESS, so the content we're trying to load is from R/3.
    My idea is to manually log out the user in trubble from the portal.
    Now; I can see see active http_sessions using the telnet Administrator session, but I can't find a way to force logout a user. Can anyone please tell me how to?
    We're using Portal SP11, and ESS/MSS SP7.
    I'm thankful for all input! Points will be handed out of course.
    Kind regards,
    Andreas

    hi,
       Try this code.This might help you.
    IPortalComponentRequest request=(IPortalComponentRequest) this.getRequest();
              IAuthentication Authen = UMFactory.getAuthenticator();
    HttpServletRequest req = request.getServletRequest();
    HttpServletResponse res = request.getServletResponse(true);
    //logoff user from Portal
    Authen.forceLogoffUser(req, res,"");
    The third argument is a string which is the redirection URL.
    Regards,
    Srinath

  • Portal User Locked Hourly ..

    Hi,
    I have a very strange problem.
    Since a password change of the portal user "Administrator", this account is locked hourly.
    OS: W2k8
    DB: MSSQL 2k8
    SAP: Portal 7.00
    User: Administrator (UME)
    Portal IP: 192.168.1.1
    responses.trc
    [May 14, 2014 8:42:02 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 8:42:02 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 8:42:03 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 8:42:03 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 9:42:01 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 9:42:01 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 9:42:01 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    [May 14, 2014 9:42:01 AM ] - 192.168.1.1 : POST /sld/cimom HTTP/1.1 401 1792
    security.log
    #1.5 #00155D11160300650000014F00000F000004F95827B00C09#1400056919503#/System/Security/Audit##com.sap.security.core.util.SecurityAudit#Guest#0#SAP J2EE Engine JTA Transaction : [045ffffffe5ffffff8e00ffffffcefffffffa]#n/a##9d0725f0db4311e3c01800155d111603#SAPEngine_Application_Thread[impl:3]_0##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest    | USERACCOUNT.MODIFY    | UACC.PRIVATE_DATASOURCE.un:Administrator    |     | SET_ATTRIBUTE: lastfailedlogon=[{0001400053321593} -> {0001400056919450}], SET_ATTRIBUTE: PRINCIPAL_MODIFY_DATE=[{0001400053367448} -> {0001400056919483}], SET_ATTRIBUTE: failedlogonattempts=[{0} -> {1}], SET_ATTRIBUTE: LAST_MODIFIED_BY=[{} -> {Guest}]#
    #1.5 #00155D11160300650000015000000F000004F95827B03D0C#1400056919521#/System/Security/Authentication##com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##9d0725f0db4311e3c01800155d111603#SAPEngine_Application_Thread[impl:3]_0##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: sap.com/com.sap.lcr*sld
    Login Module                                                                                                         Flag        Initialize  Login      Commit     Abort      Details
    1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
    2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          exception             true       Authentication did not succeed.
    3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true       #
    #1.5 #00155D111603006F0000014100000F000004F95827B072ED#1400056919624#/System/Security/Audit##com.sap.security.core.util.SecurityAudit#Guest#0#SAP J2EE Engine JTA Transaction : [045ffffffe5ffffff8e00ffffffcf0]#n/a##9d199c80db4311e38ead00155d111603#SAPEngine_Application_Thread[impl:3]_4##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest    | USERACCOUNT.MODIFY    | UACC.PRIVATE_DATASOURCE.un:Administrator    |     | SET_ATTRIBUTE: LAST_MODIFIED_BY=[{} -> {Guest}], SET_ATTRIBUTE: PRINCIPAL_MODIFY_DATE=[{0001400056919483} -> {0001400056919606}], SET_ATTRIBUTE: lastfailedlogon=[{0001400056919450} -> {0001400056919576}], SET_ATTRIBUTE: failedlogonattempts=[{1} -> {2}]#
    #1.5 #00155D111603006F0000014200000F000004F95827B0B823#1400056919654#/System/Security/Authentication##com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##9d199c80db4311e38ead00155d111603#SAPEngine_Application_Thread[impl:3]_4##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: sap.com/com.sap.lcr*sld
    Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
    1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
    2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          exception             true       Authentication did not succeed.
    3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true       #
    #1.5 #00155D111603006A0000019C00000F000004F95827B45A12#1400056920281#/System/Security/Audit##com.sap.security.core.util.SecurityAudit#Guest#0#SAP J2EE Engine JTA Transaction : [045ffffffe5ffffff8e00ffffffcf7]#n/a##9d7ddc90db4311e3b8e200155d111603#SAPEngine_Application_Thread[impl:3]_19##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest    | USERACCOUNT.MODIFY    | UACC.PRIVATE_DATASOURCE.un:Administrator    |     | SET_ATTRIBUTE: PRINCIPAL_MODIFY_DATE=[{0001400056919606} -> {0001400056920260}], SET_ATTRIBUTE: failedlogonattempts=[{2} -> {3}], SET_ATTRIBUTE: LAST_MODIFIED_BY=[{} -> {Guest}], SET_ATTRIBUTE: lastfailedlogon=[{0001400056919576} -> {0001400056920224}]#
    #1.5 #00155D111603006A0000019D00000F000004F95827B463A9#1400056920295#/System/Security/Authentication##com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##9d7ddc90db4311e3b8e200155d111603#SAPEngine_Application_Thread[impl:3]_19##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: sap.com/com.sap.lcr*sld
    Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
    1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
    2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          exception             true       Authentication did not succeed.
    3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true       #
    #1.5 #00155D111603005E000000FF00000F000004F95827B4A30A#1400056920413#/System/Security/Audit##com.sap.security.core.util.SecurityAudit#Guest#0#SAP J2EE Engine JTA Transaction : [045ffffffe5ffffff8e00ffffffcfd]#n/a##9d9200d0db4311e3a8cf00155d111603#SAPEngine_Application_Thread[impl:3]_24##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest    | USERACCOUNT.MODIFY    | UACC.PRIVATE_DATASOURCE.un:Administrator    |     | SET_ATTRIBUTE: lastfailedlogon=[{0001400056920224} -> {0001400056920362}], SET_ATTRIBUTE: LAST_MODIFIED_BY=[{} -> {Guest}], SET_ATTRIBUTE: failedlogonattempts=[{3} -> {4}], SET_ATTRIBUTE: PRINCIPAL_MODIFY_DATE=[{0001400056920260} -> {0001400056920395}]#
    #1.5 #00155D111603005E0000010000000F000004F95827B4AB21#1400056920424#/System/Security/Authentication##com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##9d9200d0db4311e3a8cf00155d111603#SAPEngine_Application_Thread[impl:3]_24##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: sap.com/com.sap.lcr*sld
    Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
    1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
    2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          exception             true       Authentication did not succeed.
    3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true       #
    Normaly that means that the CIM Client is not correctly configured, but the SLD runs over the SolMan (7.1) and in the VisualAdmin > Server > Services > SLD Data Supplier
    HTTP Settings and CIM Client Settings are set to the SolMan host and uses the SLDDSUSER to sync the data with the SLD.
    Does anyone have an idea what process will connect hourly to the portal where the Administrator is set as user?
    I've been searching and reading the now for over two days on the SCN and the web, but I didn't figured it out.
    It looks like the portal itselfs want to connect to the local /sld/cimom but the SLD of the portal is still stopped, and also if its running, I get the same error every hour.
    Thanks for any advise!
    Tobias

    Hi Tobias,
    Please do the following once, if possible.
    1. Please change the password of administrator user and save the password in secure store and recycle the system.
    2. You may create a user with equivalent access/permission like administrator temporarily, until this problem is resolved, so that you can unlock the administrator logging in with that id.
    3. Please check if that administrator is being used in any connection from java stack, where the password is still old.
    4. Attach the default trace here at the time when the user is getting locked. We want to check further.
    5. You can follow what David advised in the SAP note, if you can identify the real cause, otherwise follow the above steps.
    Thanks.
    Regards,
    Sujit Kumar Banerjee.

  • Continuous Portal User Locking

    Hi Experts
    We are experiencing a problem where the Portal Users are continuously locking themselves when accessing Travel Management.
    There doesn't seem to be any valid reason for this and we can't even replicate the problem consistently to try and determine where the problem may lie.
    Has anybody else experienced this?
    Is there maybe a SAP Note that I can't find which may fix the problem?
    Any help and advice will be appreciated, thanks.
    Anton

    Hi Anton
    Our developers corrected the application with OSS note 1466697 for WD ABAP with application of "dirty flag" but there were rendering corrections released for work protect mode  - "work protect JS" in the new UR library
    1543743
    1543744
    I'm not WD ABAP expert but I believe this works using wdr_test_portal_workprotect - I searched for similar issue and one other thing to check is the following as otherwise not adhering to following rules can cause issue with locking and navigation.
    - Both, the Portal URL and the Web Dynpro ABAP URL need to be URLs with
    a fully qualified domain name, ending with a common part of the fully
    qualified domain name.
    Fully Qualified Domain Names (FQDN): http://help.sap.
    com/saphelp_nw70/helpdata/EN/67/be9442572e1231e10000000a1550b0/frameset.
    htm
    - Web Dynpro ABAP is integrated in a Web Dynpro ABAP iView, and must not
    be integrated in a URL iView
    Creating Web Dynpro ABAP iViews: http://help.sap.
    com/saphelp_nw70/helpdata/EN/1d/e4a34273f60b31e10000000a1550b0/frameset.
    htm

  • How to find out which user has locked a particular record of a table

    Hi
    Is it possible to know - which user has locked a particular record (I know the primary key of the record) of a table
    Regards

    select     OS_USER_NAME os_user,
         PROCESS os_pid,
         ORACLE_USERNAME oracle_user,
         l.SID oracle_id,
         decode(TYPE,
              'MR', 'Media Recovery',
              'RT', 'Redo Thread',
              'UN', 'User Name',
              'TX', 'Transaction',
              'TM', 'DML',
              'UL', 'PL/SQL User Lock',
              'DX', 'Distributed Xaction',
              'CF', 'Control File',
              'IS', 'Instance State',
              'FS', 'File Set',
              'IR', 'Instance Recovery',
              'ST', 'Disk Space Transaction',
              'TS', 'Temp Segment',
              'IV', 'Library Cache Invalidation',
              'LS', 'Log Start or Switch',
              'RW', 'Row Wait',
              'SQ', 'Sequence Number',
              'TE', 'Extend Table',
              'TT', 'Temp Table', type) lock_type,
         decode(LMODE,
              0, 'None',
              1, 'Null',
              2, 'Row-S (SS)',
              3, 'Row-X (SX)',
              4, 'Share',
              5, 'S/Row-X (SSX)',
              6, 'Exclusive', lmode) lock_held,
         decode(REQUEST,
              0, 'None',
              1, 'Null',
              2, 'Row-S (SS)',
              3, 'Row-X (SX)',
              4, 'Share',
              5, 'S/Row-X (SSX)',
              6, 'Exclusive', request) lock_requested,
         decode(BLOCK,
              0, 'Not Blocking',
              1, 'Blocking',
              2, 'Global', block) status,
         OWNER,
         OBJECT_NAME
    from     v$locked_object lo,
         dba_objects do,
         v$lock l
    where      lo.OBJECT_ID = do.OBJECT_ID
    AND l.SID = lo.SESSION_ID
    hope this helps
    Zekeriya

  • How to Restrict same portal user from other node

    Hi
    In my application, we charge customers for each portal user logins. But, i found that, they can share same user logins amongs number of people.
    I don't want to allow the same portal user login into the application if that user is already logged in and it's session is still active.
    Here is the Scenario :
    User A is logged in to the portal from terminal AA. Now, User A agin tries to logg in to the portal from terminal BB. I don't wnat to allow user A to log in from terminal BB bcuz user A has active session from terminal AA.
    Can anyone know how to implement this??
    thanks in advance.
    Srini

    Hi Srini!
    We have solved this problem with our own login portlet. Before the final login we've got to check (from the certain table) how many logins there are currently with that username.
    But there is a problem. If the user closes the browser without logoff, the session remains active. There is a cleanup job, which removes those session in some hours. Still it is not very elegant.
    Regards,
    Jari

  • Can not receive messages - user mailbox locked

    Suddenly my incoming messages stopped coming and a dialogue box appeard, saying: "The sending of password failed. The e-mail server (pop3) answered user mailbox locked."
    I've been in contact with my internet service provider and they found nothing wrong from their side. I can access my mail on the webmail and I can send email from my account.
    I've checked the way the server and the account is configured and everything seems to be ok and according to manuals from both the ISP and Thunderbird. How can I get may incoming mail working again? Hoping for help!

    Yes I asked. That was the first thing I did. And there's nothing wrong on the provider's side. They didn't lock the account and found it very unusual. They didn't know much about Thunderbird, however...
    But I got hands-on-help from my son yesterday and that might have (almost) solved it. Seems that Thunderbird can't have both IMAP and POP3 accounts running and there might have been something in this that disturbed the flow. He made a new inbox and things started to work again. But it's still not working 100 %.

  • Details regarding Portal users vs 8i DB users

    Is there a good DBA level explanation of the differences between a PORTAL/SSO user and a normal database user?
    It appears we have to set up new users in Portal for all of our existing users in the database (painful). This was not required in Webdb. Is there a way to import existing database users and link them to their existing schemas painlessly?
    The bits and pieces I can find indicate that if you do go ahead and set up a new Portal user manually and link them to their own existing database user schema then the normal database objects roles and rights should appear. This does not seem to be true in 3.0.8 Portal. I created a portal user, assigned them to their existing 8.1.7 schema and:
    1) the normal database objects they have rights to do NOT show up in the browse database objects. In Webdb 2.2. all of these objects show up fine. The ability to browse database objects was one of the good things about Webdb that we need to preserve.
    2) try to create a portal component, a form, based on a table/view. Unlike #1 above I can in fact create the form on an existing table even though it does not show up in the browse above. The user has update rights to this table, but the form will NOT compile if I leave in the UPDATE, DELETE, INSERT buttons. What is going on?
    Is there a technical paper that discusses exactly how to map db users to portal users and how to transfer rights, privileges etc. so we can make portal 3.0 as functional as webdb 2.2 was?

    Quinn,
    Here are my answers:
    1) the normal database objects they have rights to do NOT show up in the browse database objects. In Webdb 2.2. all of these objects show up fine. The ability to browse database objects was one of the good things about Webdb that we need to preserve.
    Ans))
    You have better control on this ability now.
    2) try to create a portal component, a form, based on a table/view. Unlike #1 above I can in fact create the form on an existing table even though it does not show up in the browse above. The user has update rights to this table, but the form will NOT compile if I leave in the UPDATE, DELETE, INSERT buttons. What is going on?
    Ans))
    The ability to create a component in Oracle Portal 3.0 no longer depends on whether the developer has privileges to build components in a schema, but instead on whether the developer has privileges to build a component in an application.
    =====
    Is there a technical paper that discusses exactly how to map db users to portal users and how to transfer rights, privileges etc. so we can make portal 3.0 as functional as webdb 2.2 was?
    Ans))
    Read the following help:
    a) Migrating WebDb users to Oracle Portal.
    b) What are schema and object privileges?
    c) What are global privileges?
    d) What's the difference between an Oracle Portal User & an Oracle Database User?
    ====================
    Now the next question is..Where to find them?
    Here are the location:
    login > Navigator > Database Objects tab>
    Click on "Grant Access" > Click on the context help.
    Here under the related topics you will find:
    (b). Click on it:
    Again under the related topics you will find:
    (a) & (d) (Both are same).
    For (c):
    login > Create a user > edit that user > click on "Privileges" tab > context help.
    Hope this will clear your doubts...
    Thanx,
    Chetan.

  • Exporting and Importing Portal users from Source system to Target system

    Hi All,
    I have exported all portal users from source portal in to file Users.txt do i need to convert this file in to some other format so that i can import these users in Target portal.
    any links documents
    Regards,
    Murali

    Hi,
    If you look in to User.txt
    I have role also i have deleted role in User.txt uploded file with rest of the otherdata including group it it able to create users.
    so in Nut shell let's say
    1. UID-Murali
       Role- Manager
      Group- HRGroup
    user existing  in DEV and i want to trnasfer data to PRD
    Role:Manger should exist in PRD, and group is not mandatory optional
    but the link http://help.sap.com/saphelp_nw70/helpdata/EN/ae/7cdf3dffadd95ee10000000a114084/frameset.htm
    says while uploading users role is optional it throws waring but i got error.
    i am bit confused.
    Now let's sau there are 10 users, 10 roles and 2 groups in source system if i want to export all users,roles,groups to target system what sequnce i have to follow without getting any error , warining is there any restriction on number of users, roles, groups i know file size should be less than 1MB.
    Points are on the way.
    Regards,
    Murali

  • Creating portal users with owner privileges?

    Hello,
    I need to let local adminstrators create users in the portal.
    This is based on instance-specific privileges, not global.
    Setting them to 'owners' of the group in the portal should let them add users.
    Once created and I log in as one of them I do not have the privileges of being an
    'owner', eventhough it's visible in the portal that I am an owner.
    Anybody?
    /

    Hi,
    To make the problem a little clearer.
    I want to have "local adminstrators" that can manage portal users i.e; delete, insert and update portal users.
    However I do not want these "local administrators" to be "Full administrators"- too dangerous.
    The "local adminstrators" should belong to the same group as the users they are set to administer. The
    only difference between a "local administrator" and a user of a group is that the "local administrator" have privileges
    to manage the other users of the group. If I have understood the concept right an owner have these privileges.
    I made them owners of the group, but this did not enable them to manage users.
    This must be a rather common approach, to have some users being able to administer other users without being a fullfledge DBA.
    Right now I'm looking into mapping them(the local administrators) to a different database schema with rights to manage users.
    I realize that to map them to another schema, then the checkbox "Use this schema for Portal Users" have to be checked when creating the
    schema. How do I check if this was checked and if it wasn't checked can I alter it now?
    Another thought is to dynamically upon meeting certain conditions making them Full Administrators, then after finishing the task
    reinstating them as normal users.. but this.. well hmm
    Thanks.
    /

  • How to map Portal User groups to a MDM System?

    Hi,
    Have anyone tried mapping portal user group to a MDM System?
    The idea is to avoid each user to do user mapping for MDM of their own.
    When i look into the usermapping section of a portal user group, it shows me a message -
    "There are no systems available for user mapping for the selected principal"
    Thanks and best regards,
    Arun prabhu S

    Hi All,
    Got it!
    1. Create portal users,
    2. Create a portal user group,
    3. Assign Users to User group,
    4. Go to System Administration, edit permission of the MDM system, add the user group to the MDM system permission list and save
    5. Go to User Management, modify the user grooup, go to the User mapping of the user group and do mapping for MDM system and user group using a valid MDM User name and password and Save
    6. In User Management, modify the Portal role for MDM , add the user group to the role and save
    7. Edit permission of the role object, add the user group to the permission list and save
    Result:
    All the users assigned to the user group will be able to access MDM information on the portal correspond to the MDM mapping done at the user group level. This avoids self user mapping in personalization link.
    Best regards,
    Arun prabhu S

  • Error when editing Portal User Profiles

    Hi there,
    I got this error message when editing Portal User Profiles
    Error: The specified user does not exist. (WWC-41406).
    I can select users from OID, but can't edit them.
    Note: these users are imported from AD and placed in a different OU other than users container in OID.
    But, If I create a user in the same OU from Portal Administration page, then I can select and edit that user's Portal Profile.
    So what's the difference between imported users and the user created from Portal?
    Please advise.
    Thanks,
    Geoff

    REPORTSDEV was an invalid user so we dropped this user and started over and now it works.
    <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by GREGG SAKSEFSKI ([email protected]):
    I'm tring to edit user REPORTSDEV.
    So I'm on the "Administer" tab and enter "REPORSDEV" in the User box and press <EDIT> button.
    After a couple minuates I receive the error below:
    Error: Unexpected error encountered in wwsec_api.id_sso (User-Defined Exception) (WWC-41417)
    The system failed to retrieve the necessary HTTP request to the Login Server to validate this user. (WWC-41447)
    Any ideas???<HR></BLOCKQUOTE>
    null

  • Help solve OIM puzzle - OIM Authenticator == "weblogic user soft locked"

    Hi,
    I just completed an installation of IDAM 11g including OIM. I've done several, with different configurations, but this one is on Centos 64-bit.
    Everything seems to be working, but whenever I start the soa_server1 and oim_server1 managed server, I start seeing messages in the Adminserver stdout from <OIMAuthenticator>, saying that the weblogic user is "soft locked". If I go into OIM Admin, the 'WEBLOGIC' user is locked, and if I unlock that user in OIM Admin, the msgs from Adminserver change to "failed authentication" a few times, then I get the "soft locked" messages again.
    I've been trying to track this problem down for almost a week now. I'm "close" to understanding what might be going on, but I'm kind of at an impasse right now, so I figured I'd post what I've found thus far, and see if anyone here has any ideas.
    1) With this installation, I first installed a basic WebLogic domain, with a password (e.g., "password1").
    2) When I got to the IDAM installation, because there was a password policy, I had to use a password with upper-case in it (e.g., "Password1"), for all responses, except when it asked for the info for accessing the WebLogic Adminserver, in which case I responded with the original weblogic password (e.g., "password1").
    3) I have both the DefaultAuthenticator and the OIMAuthenticator in the security realm, with the DefaultAuthenticator at the top, above the OIMAuthenticator. Both authenticators are set to "SUFFICIENT".
    4) I think that SOMETHING is intermittently (~ every minute) trying to authenticate using the "weblogic" user, but whatever that is, it has the "wrong" password.
    5) My understanding is that normally, when OIM is installed, the 'WEBLOGIC' user is added to OIM, with an "empty" password, and I confirmed via sqlplus, that the USR_PASSWORD in the OIM USR table is indeed empty.
    6) I think that with the order that the authenticators are in, DefaultAuthenticator would attempt to authenticate, and then OIMAuthenticator would attempt to authenticate. Since both are set to SUFFICIENT, if an authentication against DefaultAuthenticator succeeds, the authentication would be considered "successful".
    Based on all of the above, it seems like whatever the process that is trying to do those authentications is, it has a password that is not "password1" (since if it was using "password1", then the DefaultAuthenticator" would successfully authenticate, and it shouldn't try the OIMAuthenticator), and then OIMAuthenticator is trying to authenticate. Since the USR_PASSWORD is empty, OIMAuthenticator would always fail authentication, and thus the "failed authentication" errors followed by the "soft locked" msgs.
    7) I've tried to track down "what" process is doing the authentications, and I believe that it is EMAGENT. The reason that I say this is that if I stop EMAGENT using opmnctl, the "soft locked" messages stop.
    8) I've tried to set the "monitoring credentials" for the "weblogic" user in EM, to match the "password1", but even after I do that, I still see the "soft locked" msgs, and if I unlock the 'WEBLOGIC' use in OIM, then I get several "failed authentication" followed by the "soft locked" msgs again.
    9) I did an experiment (I'm running this under VMware, so I was able to do a snapshot and then revert after the experiment), where I set the password for the 'WEBLOGIC' user in OIM Admin to the "Password1", and after I did that, the "soft locked" errors stopped, so I believe that whatever process is attempting to authenticate is using the "Password1" password, rather than the "password1" password.
    I also have another earlier installation, that I installed using the "normal" way, i.e., letting the config.sh create a new WL domain, and that works and I don't get these "soft locked" msgs at all. That configuration also has USR_PASSWORD empty in the OIM database USR table.
    So, the question that I have is how do I get the EMAGENT to use the "password1" password instead of the "Password1" password?
    As I mentioned above, I tried changing that in the EM monitoring credentials, but that didn't seem to fix the problem (still got "soft locked" msgs).
    Maybe I've been staring at this problem too long, and am missing something, so I hope that someone can post some suggestions.
    Thanks,
    Jim

    Hi,
    I'm afraid that I'm not doing a very good job explaining what worries me.
    Specifically, I don't understand WHY the authentication of the 'weblogic' user against the DefaultAuthenticator is failing. I know that the reason that OIM is locking the 'WEBLOGIC' user is that the DefaultAuthenticator authentication is failing, causing the attempt to authenticate against the OIMAuthenticator (which also fails because USR_PASSWORD is empty), but why is that authentication against DefaultAuthenticator failing?
    More particularly, I'd really like to find out how to change the password that whatever is trying to do that authentication is using.
    As I said, I tried changing the monitoring credentials in EM already. I think that that actually changed SOMETHING, but not everything. Before that I was seeing 3 soft locked msgs every minute. After I changed the monitoring credentials to a completely different user that I created in the WL Console (emagent_monitor, member of the Monitors group in WL Console), instead of getting 3 msgs per minute, I'm now getting 1 msg per minute.
    So, it appears that it's something else, other than the monitoring credentials, i.e., something else (I don't know what) is trying to authenticate with the 'weblogic' user, but with bad password.
    Jim

  • Local user got deactivated - login not possible

    Hi all,
    I have a Macbook using an user assigned to a domain and two local users also which are not assigned to that domain. I never had any issues so far and also assigned all three users as administrators.
    Just now after I have used the domain user and wanted to logon to one of the local users, the password has not been accepted and a message stated that the user gots deactivated and I should contact the system administrator. I tried also the other local user and the same message appears.
    I tried several things like disconnect from any network, removed the domain at the user settings, restarted several times but nothing helped. What is also very odd is that the checkbox for the quick user change is deactivated and cannot be checked.
    Anyone had this also and knows a fix for this?
    The system runs Mac OS X Yosemite 10.10.
    Thanks!

    Once you are in the web browser:
    You can log in by using:
    -Portal URL.System will ask you email as ID
    -URL that directs you to ITS( is an URL that contains the string BBPSTART).System will ask you your user ID, PW and  client.
    My point is to check if ITS is working and portal not.
    Thanks and Regards,
    Abraham

Maybe you are looking for

  • How to install SQL server 2008 express on Windows server 2008 R2 standard OS

    Hi, I have Windows server 2008 R2 Standard edition (64-bit) and trying to install SQL server 2008 express edition since I do not have SQL server 2008. When I install it I am unable to see Management Studio so I am trying to install management studio

  • Output Error in Billing

    Hi, We have currently configured the VAT for higher secondary Cess and VF02 getting the Error in billing print preview and printing. for the higher secondary cess appears twice in the printing I have checked it in pricing procd.and also ine the Billi

  • Can't see shared printer with IOS 6 on ipad 3rd generation

    I just upgraded my 3rd generation ipad to iOS 6.0 and now it won't see the shared printers at my office. The printers are shared on a Mac mini server running OS X Server Lion 10.7.4. I can still see the shared printers and can print to them from a 3r

  • Kernel building with ABS

    I have a question. How do I configure the resulting package so that it won't attempt to overwrite the module and header directories that are set by the current ARCH kernel? For example, I get this error if I do "sudo pacman -A kernel26201-ARCH-2.6.20

  • HT1349 why won't my songs play

    I recently download an album and s few singles and they only play for a few seconds. I have over 350 songs from itunes and they all play. The music downloads fine and goes into my library, but still only plays a few seconds of each song. I began havi