Unable to authenicate to OID through AD password plugin "invalid credentials"
(Doc ID 1479558.1)
Last updated on SEPTEMBER 16, 2019
Applies to:
Oracle Application Server Single Sign-On - Version 10.1.2 and laterOracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.
Symptoms
Unable to login to SSO with user synced from AD to OID using the pl/sql password plugin.
Error from ssoServer.log:
Fri Jul 20 15:26:36 BST 2012 [ERROR] AJPRequestHandler-ApplicationServerThread-8 Could not get attributes for user, <FIRSTNAME>.<LASTNAME>
oracle.ldap.util.NoSuchUserException: User does not exist - SIMPLE NAME = <FIRSTNAME>.<LASTNAME>
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1159)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:912)
Error in sso login screen: invalid credentials
Error in oid logs with level 1 debug:
BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:239 * OpName:search
INFO :gslfseADoSearch BASE = cn=users, dc=<COMPANY>,dc=com FILTER = (&(objectclass=person)(uid=<FIRSTNAME>.<LASTNAME>)) #REQDATTR = 5 scope =2
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 0 nentries=1
END
2012/07/30:16:54:11 * ServerWorker (REG):4 * INFO * ServerWorker * Operation Complete
BEGIN
2012/07/30:16:54:11 * ServerWorker (REG):4 * ConnID:61 * OpId:240 * OpName:compare
gslfcmADoCompare: IP Address (<IP_ADDRESS>) dn (cn=<FIRSTNAME>.<LASTNAME>,,cn=users, dc=<COMPANY>,dc=com) attr (userpassword) value(xxxxxx)
16:54:11 * INFO : gslfrsASendLdapResult2 RESULT = 5 nentries=0
END
RESULT=5 is a failed plugin attempt for ldapcompare.
and ldapbind to OID with user credentials fails with: ldap_bind: UnKnown Error Encountered
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |