OID Changelog Adapter in OVD Generates Ldap Error 50 Insufficient Access After Completing OAM-OIM Integration Steps
Last updated on MARCH 08, 2017
Applies to: Oracle Internet Directory - Version 11.1.1 and later
Oracle Virtual Directory - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
***Checked for relevance on 11-April-2013***
After completing the steps for Oracle Access Manager (OAM) integration with Oracle Identity Manager (OIM) 220.127.116.11 with a full Oracle Virtual Directory (OVD) installation, a search of the OID change log using the OVD changelog adapter fails with LDAP Error 50 'Insufficient Access'.
The changelog adapter is configured with Pass-through Mode: Always.
The OIM Advanced Administration -> Resource Management -> Manage IT Resource -> IT Resource Type: Directory Server -> Admin Login value is set to the OIM Administrator user DN as specified when the idmConfigTool script was run for the integration.
Admin Login: cn=oimadmin,cn=users,dc=oracle,dc=com
It is expected that the idmConfigTool.sh -prepareIDstore step will configure the cn=changelog Access Control List (ACL) in OID so that the OIM Administrator user can search the OID change log.
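A command-line check of that expectation, added here as an example and not part of the original note: it runs the same cn=changelog search as the OIM Administrator through OVD and directly against OID, then compares the LDAP result codes. It assumes the OpenLDAP ldapsearch client (whose exit status is the LDAP result code); the endpoint URIs and the PW_FILE variable are placeholders.

```bash
#!/usr/bin/env bash
# Added example (not from the original note). Assumes OpenLDAP's ldapsearch,
# whose exit status is the LDAP result code. URIs and PW_FILE are placeholders.

BIND_DN="cn=oimadmin,cn=users,dc=oracle,dc=com"   # Admin Login value from the note

# One-level search under cn=changelog as the OIM admin; returns the LDAP result code.
# -z 1 keeps the reply small, so 4 (sizeLimitExceeded) also means "entries readable".
check_changelog() {
  ldapsearch -x -LLL -H "$1" -D "$BIND_DN" -y "$PW_FILE" \
    -b "cn=changelog" -s one -z 1 "(objectClass=*)" changenumber >/dev/null 2>&1
}

readable() { [ "$1" -eq 0 ] || [ "$1" -eq 4 ]; }

# Compare the result via OVD ($1) with the result directly from OID ($2).
diagnose() {
  local ovd="$1" oid="$2"
  if readable "$ovd"; then
    echo "no-issue"        # search works through the changelog adapter
  elif [ "$ovd" -eq 50 ] && [ "$oid" -eq 50 ]; then
    echo "oid-acl"         # OID itself denies the bind DN on cn=changelog
  elif [ "$ovd" -eq 50 ] && readable "$oid"; then
    echo "ovd-layer"       # OID allows it; look at the OVD adapter/ACLs
  else
    echo "inconclusive"    # e.g. 49 invalidCredentials, 32 noSuchObject
  fi
}

# Usage: PW_FILE=/path/to/pwfile ./check.sh ldap://OVD_HOST:PORT ldap://OID_HOST:PORT
if [ "$#" -eq 2 ]; then
  check_changelog "$1"; ovd_rc=$?
  check_changelog "$2"; oid_rc=$?
  echo "OVD rc=$ovd_rc OID rc=$oid_rc -> $(diagnose "$ovd_rc" "$oid_rc")"
fi
```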
Steps to reproduce
1. Configure OAM-OIM integration.
2. Access Oracle Directory Services Manager (ODSM) and connect to OVD as the OIM Administrator user, e.g. cn=oimadmin,cn=users,dc=oracle,dc=com
3. Click the Data Browser tab.
4. Click on the cn=changelog entry. The following error popup is shown: