Using OID ldapcompare on User Attributes Other than Userpassword Fails with: ldap_compare_s: Insufficient access error (Doc ID 1054508.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.

Symptoms

Executing ldapcompare with user other than cn=orcladmin on user attributes results in:
ldap_compare_s: Insufficient access error

Example:
ldapcompare -h infra.mycompany.com -p 389 -D 'cn=user1,cn=users,dc=mycompany,dc=com' -w welcome1   -b "cn=user2,cn=users,dc=mycompany,dc=com" -a uid -v 'user2'


The above statement works correctly when running ldapcompare on the attribute 'userpassword'.

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms