Directory Proxy Server 6.3 ldap search containing both and "&" and or "|" fails with error ldap_search: Operations error, Additional info: Server Error, err=1 (Doc ID 1131454.1)

Last updated on SEPTEMBER 30, 2013

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.3 to 6.3 SP1 [Release 6.0]
Information in this document applies to any platform.
***Checked for relevance on 30-Sep-2013***
Solaris for SPARC
Sun Microsystems, Inc.
Sun-Java(tm)-System-Directory-Proxy-Server/6.3.x


Symptoms

Directory Server (LDAP) searches that contain both and "&" and or "|" in the search filter fails when sent through the Directory Proxy Server.

The following sample filter will work:

(&(objectclass=person)(uid=*))

However, the following sample search that uses multiple conditionals in the search filter will fail through the Directory Proxy Server (DPS) 6.3:

(&(objectclass=person)(|(uid=test1)(uid=test2)))

Errors from the command line results in:

ldap_search: operations error
ldap_search: additional info: server error

DPS access log will show:

SEARCH RESPONSE err=1 msg="Server Error" nentries=0 etime=0

Changes

The following changes was made:

1) Create Request Filter Policy
2) Modify policy so that attribute filtering is set to only allow certain attributes (dn,objectclass,uid) or forbid other attributes
3) Assign policy to connector (default)

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms