After Oidcmprec Reconcile Of Cluster HA OVD 11g LSAs, Second OVD Node EUS Logins Fail With: ORA-28043 invalid bind credentials for db connection (Doc ID 1533700.1)

Last updated on APRIL 20, 2021

Applies to:

Symptoms

Clustered Oracle Virtual Directory (OVD) 11g, e.g., 11.1.1.6.0 or 11.1.1.7.0 configured for Enterprise User Security (EUS).

After configuring a second OVD node in High Availability (HA) and copying the configuration and Local Store Adapters (LSAs) from working OVD node1 to OVD node2, then switching the client's ldap.ora to OVD node2, attempting to login via EUS/Database (DB) the following error occurs:

After enabling sqlnet/RDBMS trace, the error shown is:

Steps to reproduce:
1. Use EUS/OVD/Active Directory (AD) configuration via the 11.1.1.6 EUS Adapter Wizard.
2. Verify everything works fine with the 1st OVD node, i.e., able to register the DB with DBCA and login with EUS.
3. Use syncovdconfig to copy all configuration from OVD node1 to OVD node2.
4. Use oidcmprec to copy all the OVD node1 LSAs to OVD node2.
5. Switch the client ldap.ora to use OVD node2 instead of OVD node1 to see that EUS logins fail with the errors above.

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.