Thursday, July 12, 2012

OIM-OAM Integration (LDAP Synch): LDAP User Create and Update Reconciliation task Doesn't work

Issue: LDAP User Create and Update Reconciliation task doesn't create/update the user/role in Directory Server


Troubleshooting Notes:


Kevin Pinsky -

When you configure OVD and your Change Log Adapter, you have it configured to only record changes by users in the modifyDNFilter value. To record any changes not made by the admin account, use the value "!(modifiersname=cn=orcladmin)" in the plugin. Now, if you modify a user with an account other than cn=orcladmin, your scheduled task will pick up the latest changelog events and create recon events for them. I assume this would work with newly created users as well. You'll also notice your scheduled task will update the Last Change Number attribute to the last value reconciled.

Manish Gupta

1. The tactical solution we used was to unlock the users manually in OID (ODSM) or OIM (OIM Console), and run full/incremental reconciliation.

2. The permanent solution was provided by a patch to OIM 11.1.1.5.2, as a response to our SR:

a. Upgrade the OIM to 11.1.1.5.2 (i.e. BP 02);
b. Apply one off patch # 12390753

The above happened in our case when OAM & OIM were integrated.