DB EUS Logins Work with OID 11g Pre-11.1.1.9 But Fail with OID 11.1.1.9.0: ORA-28043: invalid bind credentials for DB-OID connection and/or ORA-28030: Server encountered problems accessing LDAP directory service. ldapbind Fails with: SSL handshake failed
(Doc ID 2098621.1)
Last updated on SEPTEMBER 06, 2023
Applies to:
Oracle Internet Directory - Version 11.1.1.9.0 and laterInformation in this document applies to any platform.
Symptoms
Existing Oracle Internet Directory (OID) 11g's, e.g., 11.1.1.7.0 and ealier, are working for Enterprise User Security (EUS) Database (DB) logins.
After installing a new OID 11.1.1.9.0 and migrating the EUS entries over from the older OID, EUS logins / global authentication configured to use the new 11.1.1.9 OID as LDAP server fail:
After correcting a password policy difference in the new 11.1.1.9 OID (for example, set the same value for pwdMaxAge to match the existing/working 11.1.1.5), EUS logins still fail with:
The data in both OID match exactly, including all the operational attribute values.
An OID debugged log reveals the same problem as outlined in the Symptoms of Document 1546173.1, where the EUS related search as orcladmin returns all the requested operational attributes, but the same search as the DB user returns only the dn and the orclguid from the nonworking OID, however that same Document Solution does not resolve the problem here.
Changes
Migrated EUS entries from older OID to new 11.1.1.9.0 OID.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |