OVD Is Not Updating User Passwords in MS Active Directory (AD) LDAP: error code 50 INSUFF_ACCESS_RIGHTS
(Doc ID 1536208.1)
Last updated on NOVEMBER 03, 2019
Applies to:
Oracle Virtual Directory - Version 10.1.4.3 and laterInformation in this document applies to any platform.
Symptoms
Oracle Virtual Directory (OVD) is not updating users' passwords via a Microsoft (MS) Active Directory (AD) Adapter using the ActiveDirectory Password Plug-In. The plugin is configured correctly.
At command line when attempting to change a password to a user via OVD, the following error is returned
ldapmodify -h <OVD_HOSTNAME> -p <OVD_PORT> -D cn=orcladmin -w <PASSWORD> -f <FILENAME>
modifying entry cn=<USERNAME>,dc=<AD_USERS>,dc=<COMPANY>,dc=com
ldap_modify: Insufficient access
ldap_modify: additional info: LDAP Error 50 : [LDAP: error code 50 - 00000005: S
ecErr: DSID-031A0F44, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Access.log reports the following:
[2013-06-20T11:40:10.350-04:00] [octetstring] [NOTIFICATION] [OVD-20041] [com.octetstring.accesslog] [tid: xx] [ecid: <ECID>] conn=315 op=1 MOD dn=cn=<USERNAME>,dc=<AD_USERS>,dc=<COMPANY>,dc=com
[2013-06-20T11:40:10.371-04:00] [octetstring] [NOTIFICATION] [OVD-20042] [com.octetstring.accesslog] [tid: xxx] [ecid:<ECID>] conn=315 op=1 RESULT err=50 tag=0 nentries=0 etime=21
Diagnostic.log reports the following:
[2013-06-20T11:40:10.370-04:00] [octetstring] [WARNING] [OVD-40082] [com.octetstring.vde.backend.jndi.ConnectionHandle] [tid: xxx] [ecid:<ECID>] Could not modify entry.[[
javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-031A0F44, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
]; remaining name 'cn=<USERNAME>,CN=Users,DC=<COUNTRY>,DC=<COMPANY>,DC=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3075)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1458)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:153)
at com.octetstring.vde.backend.jndi.ConnectionHandle.modify(ConnectionHandle.java:311)
at com.octetstring.vde.backend.jndi.BackendJNDI.modify(BackendJNDI.java:806)
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |