My Oracle Support Banner

Unable to authenicate to OID through AD password plugin "invalid credentials" (Doc ID 1479558.1)

Last updated on SEPTEMBER 16, 2019

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2 and later
Oracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.


Unable to login to SSO with user synced from AD to OID using the pl/sql password plugin.

Error from ssoServer.log:

Fri Jul 20 15:26:36 BST 2012 [ERROR] AJPRequestHandler-ApplicationServerThread-8 Could not get attributes for user, <FIRSTNAME>.<LASTNAME>
oracle.ldap.util.NoSuchUserException: User does not exist - SIMPLE NAME = <FIRSTNAME>.<LASTNAME>
at oracle.ldap.util.Subscriber.getUser_NICKNAME(
at oracle.ldap.util.Subscriber.getUser(

Error in sso login screen: invalid credentials

Error in oid logs with level 1 debug:

2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:239 * OpName:search
INFO :gslfseADoSearch BASE = cn=users, dc=<COMPANY>,dc=com FILTER = (&(objectclass=person)(uid=<FIRSTNAME>.<LASTNAME>)) #REQDATTR = 5 scope =2
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=1

2012/07/30:16:54:11 * ServerWorker (REG):4 * INFO * ServerWorker * Operation Complete

2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:240 * OpName:compare
gslfcmADoCompare: IP Address (<IP_ADDRESS>) dn (cn=<FIRSTNAME>.<LASTNAME>,,cn=users, dc=<COMPANY>,dc=com) attr (userpassword) value(xxxxxx)
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 5 nentries=0

RESULT=5 is a failed plugin attempt for ldapcompare.

and ldapbind to OID with user credentials fails with: ldap_bind: UnKnown Error Encountered



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.