oracle.iam.platform.kernel.EventFailedException: IAM-3010068:Password reset failed because user xxxxx is not synchronized to the LDAP directory.:xxxxx

Error:

oracle.iam.platform.kernel.EventFailedException: IAM-3010068:Password reset failed because user xxxxx is not synchronized to the LDAP directory.:xxxxx

Solution:

- Clear the USR_LDAP_GUID and USR_LDAP_DN values for the affected user.
- Run the "LDAPSync Post Enable Provision Users to LDAP" scheduled job.
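
One way to carry out the first step directly against the OIM database, as an added example that is not part of the original post. It assumes the standard OIM schema, where both columns sit on the USR table alongside USR_KEY and USR_LOGIN; `xxxxx` is the placeholder login from the error above.

```sql
-- Added example. Assumptions: table USR, columns USR_KEY and USR_LOGIN.
-- Run as the OIM schema owner; 'xxxxx' is the placeholder login.

-- 1. Inspect the current values before changing anything.
SELECT usr_key, usr_login, usr_ldap_guid, usr_ldap_dn
  FROM usr
 WHERE UPPER(usr_login) = UPPER('xxxxx');

-- 2. Clear both columns for that one user.
--    Commit only if exactly one row was touched; otherwise roll back.
DECLARE
  v_login CONSTANT VARCHAR2(256) := 'xxxxx';
  v_rows  PLS_INTEGER;
BEGIN
  UPDATE usr
     SET usr_ldap_guid = NULL,
         usr_ldap_dn   = NULL
   WHERE UPPER(usr_login) = UPPER(v_login);

  -- Capture the count now: COMMIT/ROLLBACK would overwrite SQL%ROWCOUNT.
  v_rows := SQL%ROWCOUNT;

  IF v_rows = 1 THEN
    COMMIT;
  ELSE
    ROLLBACK;
    RAISE_APPLICATION_ERROR(-20001,
      'Expected 1 row for ' || v_login || ', matched ' || v_rows);
  END IF;
END;
/

-- 3. Confirm both columns are now empty for the user.
SELECT usr_login, usr_ldap_guid, usr_ldap_dn
  FROM usr
 WHERE UPPER(usr_login) = UPPER('xxxxx');
```

With the columns cleared, run the scheduled job from the second step so the user is provisioned to LDAP again.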

OIM – Change LDAP Connector to LDAPSync

Req:

Change the architecture to LDAPSync, as required for integrating OAM and OIM. LDAPSync is a mandatory component in OIM-OAM integration.

Steps:

  1. Delete the Application Instance.
  2. Run the ‘Application Instance Post Delete’ scheduled job with ‘Delete’ as the parameter.
  3. Enable LDAPSync.
  4. Update the LDAPSync Recon rules in /db/LDAPUser to match USER_LOGIN instead of GUID.

Please refer to the OIM-OAM-OID Integration document for further reference.

https://idmhelp.wordpress.com/2016/04/18/oim-oam-oid-integration/

Coexistence of OUD Connector and LDAP Sync

Q: There already exists an OUD Connector in the current OIM env (OIM 11.1.2.3), which provisions to OUD, which is the identity store for OAM. Now we want to integrate OIM and OAM to achieve password management, and LDAP Sync is mandatory.

A: If you have both configured, you will want to modify the connector to be more of a read-only workflow and only perform reconciliation actions by removing the task triggers for propagating data. I would also remove the Password Updated adapter to be auto complete. You should also consider decommissioning the application instance for the connector side once you’ve completed your full integration with LDAP Sync.

Ref: Oracle forum.