My Oracle Support Banner

AD Server Chaining in OID11g Fails With Unknown Error After Setting addOrcluserv2ToADUsers (Doc ID 1272668.1)

Last updated on FEBRUARY 08, 2019

Applies to:

Oracle Internet Directory - Version 11.1.1.1.0 to 11.1.1.3.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

When using Server Chaining with Active Directory (AD), after enabling addOrcluserv2ToADUsers in the server chaining definition,  performing an ldapsearch against a chained user fails with "Unknown Error Encountered".
Server chaining was working successfully without addOrcluserv2ToADUsers.

Steps to reproduce:

1. Set up server chaining with AD, initially with addorcluserv2toadusers set to 0, which is disabled ( This is the default value).

2. Check that you can successfully dump the attributes of a chained user using ldapsearch:

Example:
$ORACLE_HOME/bin/ldapsearch -h <HOSTNAME> -p <PORT# -D "cn=orcladmin"  -w <PASSWORD> -b "cn=<USERNAME>, cn=users,dc=<COMPANY NAME>,dc=com" -s base "objectclass=*"
==>
cn=<USERNAME>
uid=<USER ID>
userpassword=<PASSWORD>
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=user
objectclass=computer
objectclass=inetorgperson
orclsamaccountname=<SAMACCOUNTNAME>



3. Enable addOrcluserv2ToADUsers by setting the value to 1

Example:
- Create a file mod_ocluserv2.ldif  with the contents:

dn: cn=oidscad,cn=oid server chaining,cn=subconfigsubentry
changetype: modify
replace: addOrcluserv2ToADUsers
addOrcluserv2ToADUsers: 1

- Update the addOrcluserv2ToADUsers
$ORACLE_HOME/bin/ldapmodify -h <HOSTNAME> -p <PORT# -D "cn=orcladmin" -w <PASSWORD> -v -f mod_ocluserv2.ldif



4. Dump the chained user again, and it now fails with UnKnown Error Encountered:

Example:
$ORACLE_HOME/bin/ldapsearch -h <HOSTNAME> -p <PORT# -D "cn=orcladmin" -w <PASSWORD> -b "cn=<USERNAME>, cn=users,dc=<COMPANY NAME>,dc=com" -s base "objectclass=*"
ldap_search: UnKnown Error Encountered





Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.