There are at least two ways to achieve this:
1. Use OIDDAS (OID Delegated Administration Service)
Login to OIDDAS (this depends on which version of OID you are using), search and find the user and unlock it.
2. Use LDAP-Tools
I recommend this way, because it is much faster (for example if you have multiple accounts to unlock) and you see whats going on under the hood. It should work with all recent version of OID (from 10.1.2.0.2). Determine the distinguished name of the user (for example cn=lisa,cn=Users,dc=example,dc=com) and create a ldif file which sets the Attribute orclpwdaccountunlock to 1:
cn=lisa,cn=Users,dc=example,dc=comApply this via ldapmodify and the account is unlocked again. You also can set orclpwdaccountunlock directly via your favorite LDAP-Browser.
changetype: modify
add: orclpwdaccountunlock
orclpwdaccountunlock: 1
After that, the attributes pwdaccountlockedtime and pwdfailuretime (which mark the account as locked) will be gone.
And, by the way, you can find all locked accounts in your directory with executing the following ldap-search:
(pwdaccountlockedtime=*)
Keine Kommentare:
Kommentar veröffentlichen