R12 E-Business Suite Registration and error Resolution (Unable to call fnd_ldap_wrapper.create_user/update_user ORA-20001

OID integration with Oracle E-Business Suite has to register 3 components in EBS.

i) 10.1.3 ORACLE_HOME

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registerinstance=yes

ii) SSO Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes

iii) OID Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes



EBS and OID will have 4 types of Provisioning:

i)  BiDirectional Provisioning (-provisiontype=1)
This is set by using the "-provisiontype=1" command line argument during OID registration. This is the default
provisioning type set by the registration utility.

ii) InBound Provisioning
This is set by using the "-provisiontype=2" command line argument during OID registration.

iii) OutBound Provisioning
This is set by using the "-provisiontype=3" command line argument during OID registration.

iv) BiDiNoCreation Provisioning
This is set by using the "-provisiontype=4" command line argument during OID registration. 


Provisioning Status:


Status of Provisioning can be known using the following command:

oidprovtool operation=STATUS \

> ldap_host=<Server_name> ldap_port=3060 \

> ldap_user=cn=orcladmin ldap_user_password=manager3 \

> application_dn="orclApplicationCommonName=DEV,cn=EBusiness,cn=Products,cn=OracleContext,dc=abcdefg,dc=com"    


Set the profile Options as per the Oracle note and restart the OPMN processes.



When the user try to create the user, he may experience an error like:

Unable to call fnd_ldap_wrapper.create_user / update_user ORA-20001 after OID integration with R12



This error could be because of many reasons , to name few
1) More Secure Password Policy in OID compared to E-Business Suite
2) User already exists in OID but missing in E-Business Suite
3) apps user does not have privileges to access dbms_ldap package.
4) AppsDN password expired in OID (password expiry in OID)
5) OID or DIP server not running



To get the more relevant error message for the above error, enable the FND DEBUG with the below profile options at user level:

FND: Debug Log Enabled - YES
FND: Debug Log Level - Error
FND: Debug Log Mode - Asynchronous
FND_DEBUG_RULE_THRESHOLD - 100

and reproduce the same error as the same user to whom the above profile actions are set and execute the following sql to know the exact error:

select module||' '||message_text , timestamp from apps.fnd_log_messages where timestamp > (sysdate - 1) order by timestamp;


In our case the error message was like this:

fnd.plsql.oid.fnd_ldap_user.create_user:  ORA-31202: DBMS_LDAP: LDAP client/server error: Constraint violation. Password Policy Error :9004: GSL_PWDNUMERIC_EXCP :Your Password must contain at least 1 numeric characters.

So the OID Policy was to have atleast one number and one character in password.