Java 使用访问策略向用户设置Active Directory帐户时出错
您好,我安装了OIM11gR2PS3环境,并配置了Active Directory 11.1.6.0.0连接器。我们已将密码策略附加到广告资源 早期用户已设置广告帐户。但从最近几天开始,用户在OIM中创建的广告帐户不在帐户选项卡中。我检查了访问策略,它配置正确。用户还可以根据角色成员资格获得正确的角色 我检查了oim服务器中的oim-server1-dignostic.log文件,发现堆栈跟踪如下:Java 使用访问策略向用户设置Active Directory帐户时出错,java,active-directory,identity-management,oim,Java,Active Directory,Identity Management,Oim,您好,我安装了OIM11gR2PS3环境,并配置了Active Directory 11.1.6.0.0连接器。我们已将密码策略附加到广告资源 早期用户已设置广告帐户。但从最近几天开始,用户在OIM中创建的广告帐户不在帐户选项卡中。我检查了访问策略,它配置正确。用户还可以根据角色成员资格获得正确的角色 我检查了oim服务器中的oim-server1-dignostic.log文件,发现堆栈跟踪如下: oracle.iam.platform.kernel.EventFailedException:
oracle.iam.platform.kernel.EventFailedException: An error occurred in oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler while provisioning resource 47,709 to user 13 and the cause of error is An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/provision while provisioning application instance with key 0 to user with name 1161546 the cause of error is oracle.iam.provisioning.exception.GenericProvisioningException: DOBJ.USR_PASSWORD_DOES_NOT_MATCH_POLICY: H: Password Does Not Satisfy Policy: Max. Number of unicode characters=0 : Max. Number of unicode characters=0..
at oracle.iam.accesspolicy.impl.util.AccessPolicyUtil.createEventFailedException(AccessPolicyUtil.java:289)
at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:167)
at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:70)
at oracle.iam.platform.kernel.impl.OIMEvent.executeHandlers(OIMEvent.java:214)
at oracle.iam.platform.kernel.impl.MonitoredOIMEvent.invokeExecuteHandler(MonitoredOIMEvent.java:99)
at oracle.iam.platform.kernel.impl.MonitoredOIMEvent.executeHandlers(MonitoredOIMEvent.java:69)
at oracle.iam.platform.kernel.impl.OIMEvent.execute(OIMEvent.java:157)
at oracle.iam.platform.kernel.impl.ProcessImpl.executeStage(ProcessImpl.java:223)
at oracle.iam.platform.kernel.impl.OIMProcess.doStageExecution(OIMProcess.java:62)
at oracle.iam.platform.kernel.impl.ProcessImpl.execute(ProcessImpl.java:182)
at oracle.iam.platform.kernel.impl.MonitoredOIMProcess.execute(MonitoredOIMProcess.java:33)
at oracle.iam.platform.kernel.impl.Utils.manageSyncProcessing(Utils.java:73)
at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask$2.execute(OrchestrationAsyncTask.java:101)
at oracle.iam.platform.kernel.impl.Utils.executeInContext(Utils.java:60)
at oracle.iam.platform.kernel.impl.Utils.executeInContext(Utils.java:46)
at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask.executeInOrchContext(OrchestrationAsyncTask.java:97)
at oracle.iam.platform.kernel.impl.OrchestrationAsyncTask.execute(OrchestrationAsyncTask.java:74)
at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:99)
at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:69)
at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
at sun.reflect.GeneratedMethodAccessor3329.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy647.onMessage(Unknown Source)
at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:583)
at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:486)
at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:388)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4817)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:4491)
at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3945)
at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5337)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:550)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.iam.provisioning.exception.GenericProvisioningException: An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/provision while provisioning application instance with key 0 to user with name 1161546 the cause of error is oracle.iam.provisioning.exception.GenericProvisioningException: DOBJ.USR_PASSWORD_DOES_NOT_MATCH_POLICY: H: Password Does Not Satisfy Policy: Max. Number of unicode characters=0 : Max. Number of unicode characters=0.
at oracle.iam.provisioning.util.ProvisioningUtil.throwGenericProvisioningException(ProvisioningUtil.java:258)
at oracle.iam.provisioning.spi.DOBProvisioningMechanism.provision(DOBProvisioningMechanism.java:548)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl.provision(ProvisioningServiceImpl.java:547)
at sun.reflect.GeneratedMethodAccessor3355.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:35)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy609.provision(Unknown Source)at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:164)
... 42 more
任何最早的帮助都会有帮助。此错误是由于附加到广告资源的密码策略造成的。存在密码策略配置,其中有人将unicode字符的最大数量修改为0。由于系统无法根据密码策略验证用户密码,因此AD设置失败 我已将unicode字符的最大数目设置为空。当尝试将广告帐户设置给用户时,该设置成功 谢谢