Description: This post will show you how to set up the OIM schema user to have no password expiration date. You've probably seen the following errors during OIM managed server startup:
[EL Severe]: 2014-06-15 19:55:22.713--ServerSession(514521790)--Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-28001: the password has expired
Error Code: 28001
Jun 15, 2014 7:55:22 PM oracle.security.jps.internal.credstore.ldap.LdapCredentialStore <init>
WARNING: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreException: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-28001: the password has expired
Error Code: 28001
JPS-01055: Could not create credential store instance. Reason oracle.security.jps.service.policystore.PolicyStoreException: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-28001: the password has expired
Error Code: 28001
Error: Diagnostics data was not saved to the credential store.
Error: Validate operation has failed.
Need to do the security configuration first!
The errors are caused by an expired schema password, and the OIM server will fail to start up.
[Figure: Expired Schema Owner]
After changing several database parameters that are responsible for password expiration and resolving expired accounts, you'll notice the accounts will have a NULL password expiration date. Thus, these accounts have no password expiration date.
[Figure: No Password Expiration After Changing DB Parameters]
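One way to carry out the change described above, written as an added example and not taken from the original post: it moves the schema account to a dedicated profile so that the DEFAULT profile keeps expiring interactive accounts. The schema name DEV_OIM, the profile name OIM_SVC_PROFILE and the password placeholder are assumptions; run it as a DBA user and substitute the names from your own installation.

```sql
-- Added example. DEV_OIM and OIM_SVC_PROFILE are placeholder names (assumptions).

-- 1. Find accounts that are expired or in their grace period, and the profile each uses.
--    account_status is EXPIRED or EXPIRED(GRACE) for the accounts behind ORA-28001.
SELECT username, account_status, expiry_date, profile
FROM   dba_users
WHERE  account_status LIKE 'EXPIRED%'
ORDER  BY username;

-- 2. Show the password limits enforced by the profile the schema account uses today.
SELECT profile, resource_name, limit
FROM   dba_profiles
WHERE  resource_type = 'PASSWORD'
AND    profile IN (SELECT profile FROM dba_users WHERE username = 'DEV_OIM')
ORDER  BY resource_name;

-- 3. Create a profile for service schemas only. Limits not listed here are
--    inherited from the DEFAULT profile, which stays unchanged for other users.
CREATE PROFILE oim_svc_profile LIMIT
  PASSWORD_LIFE_TIME UNLIMITED;

ALTER USER dev_oim PROFILE oim_svc_profile;

-- 4. Changing the profile does not clear an existing EXPIRED status.
--    The password has to be set again; use the value the OIM data sources
--    already hold, or update those data sources afterwards.
ALTER USER dev_oim IDENTIFIED BY "<schema_password>";

-- 5. Verify: account_status should be OPEN and expiry_date NULL.
SELECT username, account_status, expiry_date, profile
FROM   dba_users
WHERE  username = 'DEV_OIM';
```

Repeat steps 3 (the ALTER USER part), 4 and 5 for each schema account that step 1 reports.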