The provided Access Control Instruction (ACI) target expression DN value "dc=openam,dc=forgerock,dc=org" is invalid.

>>>> OpenDJ was successfully upgraded from version
3.0.0.185acee3ba68d8da1782007eebacb3701dc996d6 to
3.5.0.6c04f4cb5de809ea1b4e8deb12925396da89d841

>>>> Performing post upgrade tasks

Rebuilding index(es) '[member]' for base dn(s)
'[dc=XXXX,dc=XXX]'.......................................... 100%

>>>> Post upgrade tasks complete

• See '/work/openam13.5.0-policies/openam11.0.3-conf/opends/logs/upgrade.log'
  for a detailed log of this operation
  amUpgrade:07/25/2016 08:27:33:933 AM SGT: Thread[localhost-startStop-1,5,main]: TransactionId[ec0fb511-29f9-4ba4-824f-c5ac686edc0f-0]
  ERROR: An error occurred while processing /WEB-INF/template/ldif/opendj/opendj_aci_lift_user_password_restriction.ldif
  org.forgerock.opendj.ldap.ConstraintViolationException: Invalid Attribute Syntax: An attempt to modify an aci attribute type in the entry "dc=XXXX,dc=XXX" failed because of the following reason: The provided Access Control Instruction (ACI) target expression DN value "dc=openam,dc=forgerock,dc=org" is invalid. The target expression DN value must be a descendant of the ACI entry DN "dc=XXX,dc=XXX", if no wild-card is specified in the target expression DN
  at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:166)
  at org.forgerock.opendj.ldap.spi.ResultLdapPromiseImpl.setResultOrError(ResultLdapPromiseImpl.java:132)
  at org.forgerock.opendj.grizzly.LDAPClientFilter$ClientResponseHandler.modifyResult(LDAPClientFilter.java:301)
  at org.forgerock.opendj.io.LDAPReader.readModifyResult(LDAPReader.java:520)
  at org.forgerock.opendj.io.LDAPReader.readProtocolOp(LDAPReader.java:555)
  at org.forgerock.opendj.io.LDAPReader.readMessage(LDAPReader.java:122)
  at org.forgerock.opendj.grizzly.LDAPBaseFilter.handleRead(LDAPBaseFilter.java:72)
  at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
  at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284)
  at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201)
  at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133)
  at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112)
  at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
  at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:526)
  at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
  at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
  at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
  at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
  at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
  at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
  at java.lang.Thread.run(Thread.java:745)