My Oracle Support Banner

AD Server Chaining in OID11g Fails With Unknown Error After Setting addOrcluserv2ToADUsers (Doc ID 1272668.1)

Last updated on JULY 01, 2016

Applies to:

Oracle Internet Directory - Version: 11.1.1.1.0 to 11.1.1.3.0 - Release: 11g to 11g
Information in this document applies to any platform.

Symptoms

When using Server Chaining with Active Directory (AD), after enabling addOrcluserv2ToADUsers in the server chaining definition,  performing an ldapsearch against a chained user fails with "Unknown Error Encountered".
Server chaining was working successfully without addOrcluserv2ToADUsers.

Steps to reproduce:

1. Set up server chaining with AD, initially with addorcluserv2toadusers set to 0, which is disabled ( This is the default value).

2. Check that you can successfully dump the attributes of a chained user using ldapsearch:

Example:
$ORACLE_HOME/bin/ldapsearch -h myoid.au.oracle.com -p 3060 -D "cn=orcladmin"  -w mypasswd -b "cn=test, cn=ad, cn=users,dc=au,dc=oracle,dc=com" -s base "objectclass=*"
==>
cn=test
uid=test
userpassword=testpwd
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=user
objectclass=computer
objectclass=inetorgperson
orclsamaccountname=TEST$


3. Enable addOrcluserv2ToADUsers by setting the value to 1

Example:
- Create a file mod_ocluserv2.ldif  with the contents:

dn: cn=oidscad,cn=oid server chaining,cn=subconfigsubentry
changetype: modify
replace: addOrcluserv2ToADUsers
addOrcluserv2ToADUsers: 1

- Update the addOrcluserv2ToADUsers
$ORACLE_HOME/bin/ldapmodify -h myoid.au.oracle.com -p 3060 -D "cn=orcladmin"  -w mypasswd -v -f mod_ocluserv2.ldif



4. Dump the chained user again, and it now fails with UnKnown Error Encountered:

Example:
$ORACLE_HOME/bin/ldapsearch -h myoid.au.oracle.com -p 3060 -D "cn=orcladmin" -w mypasswd -b "cn=test, cn=ad, cn=users,dc=au,dc=oracle,dc=com" -s base "objectclass=*"
ldap_search: UnKnown Error Encountered





Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
  Symptoms
  Cause
  Solution
  References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.