OAM Through OVD 11g Authentication (AD Backend) Fails for Users with Foreign Characters in their Passwords: LDAP Error 49 : [LDAP: error code 49 - Invalid Credentials]
(Doc ID 2061672.1)
Last updated on AUGUST 18, 2022
Applies to:
Oracle Virtual Directory - Version 11.1.1.0 and later
Information in this document applies to any platform.
Symptoms
Oracle Access Manager (OAM) connects to Oracle Virtual Directory (OVD) 11g, which in turn connects to a Microsoft (MS) Active Directory (AD) backend LDAP server.
Some of the users fail to authenticate.
OAM diagnostic log shows:
The OVD log, with the Dump Transaction Plugin enabled, shows fewer asterisks than the number of characters in the password entered.
For example, the password entered may have, say, 20 characters, but the OVD log shows only 9 asterisks for it:
BindDN: CN=<USERNAME>,OU=Users,DC=<COMPANY>,DC=com
Password: **********!
]]
[2015-09-21T09:48:45.696+02:00] [octetstring] [NOTIFICATION] [] [com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions] [tid: xxx] [ecid:<ECID> !BIND Results: (Transaction#<ADAPTER_NAME>.Dump After.xxx) FALSE![[
com.octetstring.vde.util.DirectoryException: LDAP Error 49 : [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1 ]
For users with working passwords, by contrast, the number of characters in the password is correctly represented in the OVD log by the same number of asterisks.
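The check described above can be scripted. The following is an added example, not Oracle's code: it reads Dump Transactions output, counts the asterisks on each `Password:` line, and flags failed binds whose mask is shorter than the password length the user reports. The function names, the sample DNs, and the `TRUE` result line for a successful bind are assumptions; the sample log is constructed from the excerpt above.

```python
import re

# Active Directory sub-codes carried in "data NNN" of an AcceptSecurityContext error.
AD_DATA = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon not permitted at this time", "531": "logon not permitted at this workstation",
    "532": "password expired", "533": "account disabled",
    "701": "account expired", "773": "user must reset password", "775": "account locked",
}

# Constructed sample modelled on the excerpt above. DNs are placeholders, "[...]" stands
# for the elided log header, and the "TRUE" line for a successful bind is an assumption.
SAMPLE_LOG = """\
BindDN: CN=user-a,OU=Users,DC=example,DC=com
Password: *********!
]]
[...] !BIND Results: (Transaction#adapter1.Dump After.1) FALSE![[
com.octetstring.vde.util.DirectoryException: LDAP Error 49 : [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1 ]
BindDN: CN=user-b,OU=Users,DC=example,DC=com
Password: ************!
]]
[...] !BIND Results: (Transaction#adapter1.Dump After.2) TRUE![[
"""

def parse_binds(log_text):
    """Return one record per BindDN line: dn, masked length, result, AD data code."""
    binds = []
    for line in log_text.splitlines():
        if m := re.match(r"\s*BindDN:\s*(.+?)\s*$", line):
            binds.append({"dn": m.group(1), "masked_len": None, "ok": None, "ad_data": None})
        elif not binds:
            continue  # nothing to attach this line to yet
        elif m := re.match(r"\s*Password:\s*(\**)", line):
            binds[-1]["masked_len"] = len(m.group(1))  # count asterisks only
        elif m := re.search(r"BIND Results:.*\b(TRUE|FALSE)\b", line):
            binds[-1]["ok"] = m.group(1) == "TRUE"
        elif m := re.search(r"AcceptSecurityContext error, data ([0-9a-fA-F]+)", line):
            binds[-1]["ad_data"] = m.group(1).lower()
    return binds

def short_masks(binds, expected_len):
    """Flag failed binds whose asterisk count is below the length the user typed.
    expected_len maps DN -> password length (lengths only, never the password)."""
    out = []
    for b in binds:
        want = expected_len.get(b["dn"])
        if b["ok"] is False and want is not None and b["masked_len"] is not None and b["masked_len"] < want:
            out.append((b["dn"], b["masked_len"], want, AD_DATA.get(b["ad_data"], "unknown")))
    return out
```

Pass `parse_binds` the text of the real OVD log and give `short_masks` the password lengths reported by the affected users.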
Cause