OBIEE 11g Sample App V207 virtual image OID password expiration issue GSL_PWDEXPIRED_EXCP

Feeds:: Posts; Comments

« OBIEE 11g Building Dynamic Where Conditions using prompts and jQuery

OBIEE 11g Action Links–Workaround for export issue in Excel PDF PPT formats »

OBIEE 11g Sample App V207 virtual image OID password expiration issue GSL_PWDEXPIRED_EXCP

November 24, 2012 by Venu Palvai

Recently I have installed sample app v207. After using image couple of time, I was not able to restart OBIEE BI Server and Presentation services. After digging into log files I found below message.

oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 49 : [LDAP: error code 49 – Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.]

There is not much information regarding a fix for this problem in linux based VM. Most of the instructions described in related blogs need OID management services client. I was able to fix this problem using below steps.

Open a terminal in VM and follow below commands.

cd /home/oracle/oid/Oracle_IDM1/ldap/bin

export ORACLE_HOME=/home/oracle/oid/Oracle_IDM1/
export ORACLE_INSTANCE=/home/oracle/oid/bioid2/

/* TNS Names for OID are in /home/oracle/oid/bioid2/config folder. Tnsname for OID is NOT ORCL. It is OIDDB */ I spent several hours to figure this out. Thanks to APP DBA website.

Below commands unlocks super user account

./oidpasswd unlock_su_acct=true connect=OIDDB

Navigate to folder where ldapmodify resides.

cd /home/oracle/oid/Oracle_IDM1/bin

Create “pwdreset.ldif” file using vi editor. Enter below lines.

dn: cn=orcladmin,cn=Users,dc=us,dc=oracle,dc=com
changetype: modify
replace: userpassword
userpassword: Admin123

Run below command to reset password

./ldapmodify -h obieesampleapp.us.oracle.com -p 3060 -D cn=orcladmin -w Admin123 -f pwdreset.ldif

create pwdpolicydef.ldif file has below

dn:cn=pwdpolicyentry, cn=common,cn=products,cn=oraclecontext
changetype:modify
replace: pwdmaxage
pwdmaxage: 15552000
changetype:modify
replace: pwdexpirewarning
pwdexpirewarning: 1209600
changetype:add
add: pwdgraceloginlimit
pwdgraceloginlimit: 5

Run below command to increase password expiration age.

./ldapmodify -h obieesampleapp.us.oracle.com -p 3060 -D cn=orcladmin -w Admin123 -f pwdpolicydef.ldif

Useful bog http://blog.csdn.net/lele5000/article/details/8057797

6 Responses

on December 18, 2012 at 6:07 am | Reply Sunder Iyer

Thanks for the info. It helped a lot.
on December 19, 2012 at 4:55 am | Reply Anooj

Thank you very much Venu. This is really helpful.
on February 15, 2013 at 11:43 am | Reply Sumeet

Very helpful article Venu..Thanks!
But I am facing an issue in executing the last command(to increase password expiration age)..
Can u pls help..The error I’m getting is:

modifying entry cn=pwdpolicyentry, cn=common,cn=products,cn=oraclecontext
ldap_modify: Undefined attribute type
ldap_modify: matched: cn=Common,cn=Products,cn=OracleContext
ldap_modify: additional info: Attribute replace is not supported in schema.

Can u pls guide me with the solution..Thanks..
- on February 15, 2013 at 11:46 am | Reply Venu Palvai
  
  It might still work. Can you try restarting BI?
  - on February 15, 2013 at 12:04 pm Sumeet
    
    Yup..working fine after restarting BI..Thanks 🙂
on March 7, 2013 at 3:43 am | Reply moning

Thank you very much!