After Renaming An AD OU, OID DIP Sync'd Users Are Unable To Authenticate Via External Authentication Plugin Due to orclsourceobjectdn Not Updated With The New OU Value
Last updated on MARCH 08, 2017
Applies to:Oracle Internet Directory - Version 10.1.4.3 and later
Information in this document applies to any platform.
Oracle Internet Directory (OID) 10g 10.1.4.3 and higher.
After renaming an OU in AD that had been synchronized to OID, although the OU and all the user's DNs under it were changed correctly in OID, the users' orclsourceobjectdn were not updated to reflect the new OU, which in turn causes the External Authentication Plugin to fail to authenticate the users due to the incorrect/old orclsourceobjectdn value.
Steps to reproduce:
1. Example users originally synchronized to OID have:
2. Rename the OUs where those users reside in AD, and allow it to get sync'd to OID.
3. Check the OID entries and notice that their orclsourceobjectdn values are not updated:
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms