In an Oracle Identity Manager deployment integrated with Oracle Access Manager (OAM), when you log in to Oracle Identity Self Service for the first time, you are redirected to reset the password and answer challenge questions.
After successfully resetting the password and answering challenge questions, you are automatically logged in to the Oracle Identity Self Service without requiring to authenticate again.
When LDAP synchronization is enabled in Oracle Identity Manager with i Planet via Identity Virtualization Library (lib OVD), the localized display names are not populated in mls_usr/mls_ugp for user/role create/update changelog reconciliation.
Although the reconciliation event is created, but this is only for the localized display name replacing usr_display_name/ugp_display_name in USR/UGP tables.
This is because Oracle Identity Manager is unaware of the backend directory server.
It interacts only with OVD/lib OVD and uses the data returned in the changelog entries by OVD/lib OVD for reconciliation. i Planet DS/ODSEE returns only the modified subtype and value to OVD.
(22.214.171.124.0), make sure that you download and install the appropriate version (based on the platform) for the RDBMS Patch Number 9776940.
This is a prerequisite for installing the Oracle Identity Manager schemas.Table 10-2 lists the patches required for Oracle Identity Manager 11 OPatch version 126.96.36.199.1 must be upgraded to version 188.8.131.52.2 to meet the version requirement.See "Obtaining Patches From My Oracle Support (Formerly Oracle Meta Link)" for information about downloading OPatch from My Oracle Support.To workaround this issue, make changes to all subtypes in the directory server and then try to reconcile into Oracle Identity Manager to ensure that all values exist in the changelog entry result sent by OVD so that Oracle Identity Manager gets the attribute with the values of all subtypes.For example, if only one subtype, such as lang-ja, for the display Name attribute has to be modified in the LDAP and reconciled into Oracle Identity Manager, and if other subtypes, such as display Name, lang-zh-tw, and lang-fr, already exist in i Planet/ODSEE, then create a sample ldif file, as shown in Example 10-1, and import it into i Planet DS/ODSEE with the ldapmodify command.As a result, all the subtypes for the display Name attribute will have separate changelog IDs and will be reconciled into Oracle Identity Manager.