Unable to authenticate to OID through AD password plugin "invalid credentials" (Doc ID 1479558.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2 and later
Oracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.

Symptoms

Unable to log in to SSO as a user synchronized from AD to OID when using the PL/SQL password plugin.

Error from ssoServer.log:

Fri Jul 20 15:26:36 BST 2012 [ERROR] AJPRequestHandler-ApplicationServerThread-8 Could not get attributes for user, firstname.lastname
oracle.ldap.util.NoSuchUserException: User does not exist - SIMPLE NAME = firstname.lastname
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1159)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:912)

Error in SSO login screen: invalid credentials

Error in OID logs with level 1 debug:

BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:239 * OpName:search
INFO :gslfseADoSearch BASE = cn=users, dc=mwhglobal,dc=com FILTER = (&(objectclass=person)(uid=firstname.lastname)) #REQDATTR = 5 scope =2
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=1
END

2012/07/30:16:54:11 * ServerWorker (REG):4 * INFO * ServerWorker * Operation Complete




BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:240 * OpName:compare
gslfcmADoCompare: IP Address (172.25.33.204) dn (cn=firstname.lastname,,cn=users, dc=oracle,dc=com) attr (userpassword) value(******)
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 5 nentries=0
END

RESULT=5 is a failed plugin attempt for ldapcompare.

An ldapbind to OID with the user's credentials also fails with: ldap_bind: UnKnown Error Encountered
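
An added example, not part of the Oracle note: a small Python parser for the BEGIN/END operation blocks in the OID debug log above. It flags compare operations that returned RESULT = 5 and records whether a search on the same ConnID had already found the entry, which separates "user not found" from "user found, password compare failed". The function names are hypothetical, and the sample input is the excerpt from this note.

```python
import re

# Sample input: the OID debug log excerpt from this note, copied as-is.
SAMPLE_LOG = """\
BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:239 * OpName:search
INFO :gslfseADoSearch BASE = cn=users, dc=mwhglobal,dc=com FILTER = (&(objectclass=person)(uid=firstname.lastname)) #REQDATTR = 5 scope =2
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=1
END
BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:240 * OpName:compare
gslfcmADoCompare: IP Address (172.25.33.204) dn (cn=firstname.lastname,,cn=users, dc=oracle,dc=com) attr (userpassword) value(******)
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 5 nentries=0
END
"""

HEADER = re.compile(r"ConnID:(\d+) \* OpId:(\d+) \* OpName:(\w+)")
RESULT = re.compile(r"RESULT = (\d+) nentries=(\d+)")

def parse_operations(text):
    """Return one dict per complete BEGIN/END block: conn, op_id, op, result, nentries."""
    ops, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if line == "BEGIN":
            current = {}
        elif line == "END":
            if current and "op" in current and "result" in current:
                ops.append(current)
            current = None
        elif current is not None:
            if (m := HEADER.search(line)):
                current.update(conn=int(m[1]), op_id=int(m[2]), op=m[3])
            elif (m := RESULT.search(line)):
                current.update(result=int(m[1]), nentries=int(m[2]))
    return ops

def failed_password_compares(ops):
    """Compare operations with RESULT = 5, tagged with whether the entry was found first."""
    # LDAP result code 5 is compareFalse (RFC 4511); this note reads it as a failed plugin compare.
    found, hits = set(), []
    for op in ops:
        if op["op"] == "search" and op["result"] == 0 and op["nentries"] > 0:
            found.add(op["conn"])
        elif op["op"] == "compare" and op["result"] == 5:
            hits.append({**op, "entry_found_first": op["conn"] in found})
    return hits
```
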

 

Cause
