EM 13c: LDAP Users Login to Enterprise Manager 13c Cloud Control Fails with Error: LDAP: error code 50 - The request control with Object Identifier (OID) 2.16.840.1.113894.1.8.31 cannot be used due to insufficient access rights
(Doc ID 2781217.1)
Last updated on JUNE 23, 2021
Applies to:
Enterprise Manager Base Platform - Version 13.4.1.0.0 and laterOracle Virtual Directory - Version 12.2.1.2.0 and later
Information in this document applies to any platform.
Symptoms
In Enterprise Manager (EM) 13.4 Cloud Control, LDAP was configured with OpenLDAP successfully and users are able to log in and edit for the first 10 minutes only. Connecting again after 10 minutes fails with thisbelow error:
emoms.trc
2021-05-18 15:30:51,834 [.../console/admin/rep/editUserSummary$updateResult=updateSucceeded] WARN rep.UserData getUserData.966 - errMsg=User <username> not found in the external identity store (LDAP). Ensure the user exists in LDAP store.
2021-05-18 15:31:25,969 [.../console/admin/rep/editUserSummary$updateResult=updateSucceeded] ERROR opss.OPSSPolicyStoreUtil run.2654 - Exception occurred while retrieving granted app roles from opss for principal <principal>
oracle.igf.ids.AuthorizationException: Insufficient Access rights to perform the operation: entity= op=find AdditionalInfo: LDAP Error 50 : [LDAP: error code 50 - The request control with Object Identifier (OID) '2.16.840.1.113894.1.8.31' cannot be used due to insufficient access rights]
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1676)
-more-
at weblogic.work.ExecuteThread.run(ExecuteThread.java:360)
Caused by: oracle.igf.ids.arisid.ArisIdAuthorizationException: Insufficient Access rights to perform the operation: entity= op=find AdditionalInfo: LDAP Error 50 : [LDAP: error code 50 - The request control with Object Identifier (OID) '2.16.840.1.113894.1.8.31' cannot be used due to insufficient access rights]
at com.oracle.ovd.arisid.OvdIdsStackProvider.mapResultCode(OvdIdsStackProvider.java:766)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1336)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:172)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1628)
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |