My Oracle Support Banner

DBMS_LDAP Retrieves Incorrect (Garbled) Custom Attribute Value from OID (Doc ID 2036251.1)

Last updated on OCTOBER 09, 2019

Applies to:

Oracle Internet Directory - Version 9.0.4 and later
Information in this document applies to any platform.

Symptoms

Unable to retrieve correct or expected value from custom attribute in Oracle Internet Directory (OID) via dbms_ldap.

Steps to Reproduce:
1. Create custom object class and attribute in OID, for example:

dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.7.1.1 NAME 'customguid' DESC 'Guid' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )

And its custom objectclass, e.g.:

dn: cn=subschemasubentry
changetype: modify
add: objectClasses
objectClasses: ( 2.7.7.8 NAME 'customperson' SUP top AUXILIARY MAY ( customguid ) )


2. Able to populate it via ldif file and ldapadd:

dn: cn=<USERNAME>,cn=Users,dc=<COMPANY>,dc=com
givenname: <GIVEN_NAME>
sn: <SUR_NAME>
userpassword: <PASSWORD>
mail: <USERNAME>@<COMPANY>.com
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: CustomPerson
uid: <USERNAME>
cn: <USERNAME>
customguid: <CUSTOM_ATTRIBUTE_VALUE>>



Reviewed the following Note and ruled out any extraneous spaces or characters:
Output of Ldapsearch Seems Corrupt After Creating using Ldapadd Document 1619111.1

Tried using doublecolon in the ldif file, e.g., customguid:: <base64 encoded value>, but it makes no difference.

Tried deleting several users and recreating them using ldapadd, then resync'ng with EBS. Was then able to retrieve the correct value from both ldsearch and dbms_ldap using test scripts. However, a production database (DB) function using same dbms_ldap still returns the garbled value.

Also tried deleting all of the users from OID and recreating them with the original ldif files, but the results are the same; test scripts work but db function does not.

In Oracle Directory Services Manager (ODSM), now the value displays correctly (before recreating the users it looked like a string of pictures and squares and random characters).

Also saw the error in the following Note returned in certain test scenarios, though not recently:
Dbms_ldap.Get_values Fails With Ora-12703: This Character Set Conversion Is Not Supported Document 1128543.1

(Note: This attribute/value comes from another application which uses a 3rd party ldap server such as Novell eDirectory. External users authenticate against that directory and if/when successful are provisioned to OID. So there is no control over what is done to the eDir guid before it is sent over. That value is also stored in a table in another database (DB) as cross-reference; when not getting that same exact value back (i.e. it is garbled), the integration does not work.)

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.