OID 10g ldapcompare and ldapbind using Ext Auth plugins on AIX fail with "UnKnown Error Encountered" (Doc ID 1253287.1)

Last updated on JULY 01, 2016

Applies to:

Oracle Internet Directory - Version 10.1.4.3 and later
Information in this document applies to any platform.

Symptoms

 

BEGIN
2009/10/20:12:44:32 * ServerWorker (REG):8
ConnID:17061 * mesgID:9 * OpID:8 * OpName:compare
ConnIP:10.16.41.32 ConnDN: orclapplicationcommonname=orasso_ssoserver,cn=sso,cn=products,cn=oraclecontext
gslfcmADoCompare: IP Address (10.16.41.32) dn (cn=username,cn=users,dc=mycompany,dc=com) attr (userpassword) value(******)
12:44:32 * CLASSPATH = -Djava.class.path=/u01/app/oracle/product/idm/10.1.4/ldap/jlib/ospf.jar:/u01/app/oracle/product/idm/10.1.4/jlib/ldapjclnt10.jar:/u01/app/oracle/product/idm/10.1.4/jlib/jssl-1_1.jar:/u01/app/oracle/product/idm/10.1.4/jdbc/lib/classes12.zip:/u01/app/oracle/product/idm/10.1.4/ldap/jlib/osdt_core.jar:/u01/app/oracle/product/idm/10.1.4/ldap/jlib/osdt_cert.jar:/u01/app/oracle/product/idm/10.1.4/jlib/oraclepki103.jar:$CLASSPATH
12:44:33 * SUCCESS * sgslpvm_getJvmEnv * Creation of the JVM succeeded
12:44:33 * SUCCESS * sgslpvm_getJvmEnv * Attach to the JVM succeeded
12:44:34 * ERROR * sgslpip_invokeJPlg * Exception thrown while executing Java Plug-in oidexplg.jar
END

BEGIN
2009/10/20:12:44:34 * ServerWorker (REG):8
ConnID:17061 * mesgID:9 * OpID:8 * OpName:compare
ConnIP:10.16.41.32 ConnDN: orclapplicationcommonname=orasso_ssoserver,cn=sso,cn=products,cn=oraclecontext
ERROR * sgslpex_exceptionHndlr * Exception Message : oracle/ldap/ospf/ServerLog.log(Ljava/lang/String;)V
ERROR * sgslpex_exceptionHndlr * The Exception Stack Trace :
java.lang.UnsatisfiedLinkError
oracle.ldap.ospf.LibServerLogLoader.(LibServerLogLoader.java:56)
java.lang.J9VMInternals.initializeImpl(Native Method)
java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
java.lang.Class.forNameImpl(Native Method)
java.lang.Class.forName(Class.java:119)
oracle.ldap.ospf.ServerLog.(ServerLog.java:58)
java.lang.J9VMInternals.initializeImpl(Native Method)
java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
oidexplg.oidexplgLog(oidexplg.java:42)
oidexplg.when_compare_replace(oidexplg.java:451)
END

 

OID 10.1.4.3 on AIX.

Issue #1:
-----------------------
After a successful WNA login to OIDDAS from a WNA-enabled browser, selecting any tab returns error:

Error encountered while connecting to Directory Server

This is the same as Note:  "Accessing Tabs in OIDDAS by WNA Users Fails With "Error connecting to directory service" (Doc ID 313316.1)", however none of those Solutions resolves the problem.

Issue #2:
-----------------------
From a non-WNA enabled browser, for fallback authentication via the external authentication plugin, getting the OID login page, but the login fails and the external auth plug-in does not work.

Ldapbind and ldapcompare tests fail as follows:

$  ldapbind -h myoidhost.mycompany.com -p <oid port> -D "cn=user1,cn=users, dc=mycompany,dc=com" -w *******
ldap_bind: UnKnown Error Encountered

$  ldapcompare -h myoidhost.mycompany.com -p 389 -D "cn=orcladmin" -w ***** -b "cn=user1,cn=users, dc=mycompany,dc=com" -a userPassword -v ******
ldap_compare_s: UnKnown Error Encountered

The ssoServer.log shows:

Wed Aug 14 10:25:47 CDT 2013 [DEBUG] AJPRequestHandler-ApplicationServerThread-9 Authenticating against OID using username/password
Wed Aug 14 10:25:48 CDT 2013 [DEBUG] AJPRequestHandler-ApplicationServerThread-9 OID UtilException
oracle.ldap.util.AuthFailureException: Unable to authenticate user: cn=user1,cn=users, dc=mycompany,dc=com [LDAP: error code 73

An OID server debugged log shows:

 oidldapd01s14614894.log included in ssodbg.zip
See the following error:

...<snip>...
BEGIN
2013/08/14:10:25:47 * ServerWorker (REG):7
ConnID:108 * mesgID:9 * OpID:8 * OpName:compare        
ConnIP:10.111.248.55 ConnDN: orclapplicationcommonname=orasso_ssoserver,cn=sso,cn=products,cn=oraclecontext
gslfcmADoCompare: IP Address (<IP address>) dn (cn=user1,cn=users, dc=mycompany,dc=com) attr (userpassword) value(******)
10:25:47 *     NOT
10:25:47 *     AND
10:25:47 * => gslffeETestFilterList
10:25:47 *     EQUALITY
10:25:47 * <= gslffeATestFilter 0
10:25:47 *     EQUALITY
10:25:47 * <= gslffeATestFilter 0
10:25:47 * <= gslffeETestFilterList 0
10:25:47 * <= gslffeATestFilter 0
10:25:47 * <= gslffeATestFilter 1010
10:25:48 * INFO : gsleswrASndResult2 RESULT = 73 nentries=0
END
...<snip>...


What works:
-----------------------
Login to oiddas as orcladmin does not get this error.

Disabling the external authentication plugin resolves Issue #1, and WNA users are able to login to OIDDAS as well as navigate through all the OIDDAS tabs without errors.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms