My Oracle Support Banner

EM 13c: LDAP Users Login to Enterprise Manager 13c Cloud Control Fails with Error: LDAP: error code 50 - The request control with Object Identifier (OID) 2.16.840.1.113894.1.8.31 cannot be used due to insufficient access rights (Doc ID 2781217.1)

Last updated on JUNE 23, 2021

Applies to:

Enterprise Manager Base Platform - Version 13.4.1.0.0 and later
Oracle Virtual Directory - Version 12.2.1.2.0 and later
Information in this document applies to any platform.

Symptoms

In Enterprise Manager (EM) 13.4 Cloud Control, LDAP was configured with OpenLDAP successfully and users are able to log in and edit for the first 10 minutes only. Connecting again after 10 minutes fails with thisbelow error:

emoms.trc

2021-05-18 15:30:51,834 [.../console/admin/rep/editUserSummary$updateResult=updateSucceeded] WARN rep.UserData getUserData.966 - errMsg=User <username> not found in the external identity store (LDAP). Ensure the user exists in LDAP store.
2021-05-18 15:31:25,969 [.../console/admin/rep/editUserSummary$updateResult=updateSucceeded] ERROR opss.OPSSPolicyStoreUtil run.2654 - Exception occurred while retrieving granted app roles from opss for principal <principal>
oracle.igf.ids.AuthorizationException: Insufficient Access rights to perform the operation: entity= op=find AdditionalInfo: LDAP Error 50 : [LDAP: error code 50 - The request control with Object Identifier (OID) '2.16.840.1.113894.1.8.31' cannot be used due to insufficient access rights]
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1676)
-more-
at weblogic.work.ExecuteThread.run(ExecuteThread.java:360)
Caused by: oracle.igf.ids.arisid.ArisIdAuthorizationException: Insufficient Access rights to perform the operation: entity= op=find AdditionalInfo: LDAP Error 50 : [LDAP: error code 50 - The request control with Object Identifier (OID) '2.16.840.1.113894.1.8.31' cannot be used due to insufficient access rights]
at com.oracle.ovd.arisid.OvdIdsStackProvider.mapResultCode(OvdIdsStackProvider.java:766)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1336)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:172)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1628)

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.