My Oracle Support Banner

OVD 10g Non-Admin Authenticated Search Fails: LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection. (Doc ID 1160613.1)

Last updated on NOVEMBER 03, 2019

Applies to:

Oracle Virtual Directory - Version 10.1.4.3.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Virtual Directory (OVD) 10g (i.e., 10.1.4.3).

Using simple ldapsearch scripts to monitor the Adapters in OVD.

When authenticating as the OVD Admin account, the scripts' ldapsearches work fine.

But, for security reasons, a new user in Active Directory (AD) was setup and ACLs configured for each Adapter using this user and the correct permissions to bind and search.

The bind and search appear to be successful, as an object match with attributes is returned, but at the tail end of the successful process, the following below error is thrown by the OVD Server:

ldap_search: additional info: LDAP Error 1 : [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1772


The vde.log.exception file shows:

[2010-07-26 11:16:51,359] Error from search
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1772 ];
remaining name 'DC=<DOMAIN>,DC=<COMPANY>,DC=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3028)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1811)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:313)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:238)
at com.octetstring.vde.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:369)
at com.octetstring.vde.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:222)
at com.octetstring.vde.backend.jndi.JNDIEntrySet.getNext(JNDIEntrySet.java:335)
at com.octetstring.vde.chain.ChainEntrySet.getNext(ChainEntrySet.java:108)
at com.octetstring.vde.operation.SearchOperation.perform(SearchOperation.java:609)
at com.octetstring.vde.MessageHandler.doSearch(MessageHandler.java:543)
at com.octetstring.vde.MessageHandler.answerRequest(MessageHandler.java:162)
at com.octetstring.vde.WorkThread.run(WorkThread.java:89)


Bypassing OVD and searching directly against AD with the same account works and the error does not reproduce.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.