After Oidcmprec Reconcile Of Cluster HA OVD 11g LSAs, Second OVD Node EUS Logins Fail With: ORA-28043 invalid bind credentials for db connection (Doc ID 1533700.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.6.0 to 11.1.1.7.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

Clustered Oracle Virtual Directory (OVD) 11g, e.g., 11.1.1.6.0 or 11.1.1.7.0 configured for Enterprise User Security (EUS).

After configuring a second OVD node in High Availability (HA) and copying the configuration and Local Store Adapters (LSAs) from working OVD node1 to OVD node2, then switching the client's ldap.ora to OVD node2, attempting to login via EUS/Database (DB) the following error occurs:

ora-28043 invalid bind credentials for db connection

After enabling sqlnet/RDBMS trace, the error shown is:

KZLD_ERR: Failed to bind to LDAP server. Err=49


Steps to reproduce:
1. Use EUS/OVD/Active Directory (AD) configuration via the 11.1.1.6 EUS Adapter Wizard.
2. Verify everything works fine with the 1st OVD node, i.e., able to register the DB with DBCA and login with EUS.
3. Use syncovdconfig to copy all configuration from OVD node1 to OVD node2.
4. Use oidcmprec to copy all the OVD node1 LSAs to OVD node2.
5. Switch the client ldap.ora to use OVD node2 instead of OVD node1 to see that EUS logins fail with the errors above.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms