OID Oracle Password Filter in AD Creates Large Logs Causing Disk Full Condition, and Fails to Synchronize Passwords. OIDMain.log Shows: "OID is down..." / "MAX_RETRY LIMIT count is not updated: OID is down" / "Password updation failed in child process"
(Doc ID 2120825.1)
Last updated on APRIL 28, 2021
Applies to:
Oracle Internet Directory - Version 10.1.4 to 11.1.1 [Release 10gR3 to 11g]Information in this document applies to any platform.
Symptoms
Oracle Internet Directory (OID) integrated with Microsoft Active Directory (AD) and the Oracle Password Filter.
Oracle Password Filter suddenly starts creating large logs, about 2GB of log per day, whereas before the log size was about 10MB per day. These abnormal logs are exhausting the AD server storage, causing disk full condition.
Also the Password Filter stopped synchronizing passwords.
No changes in any of the layers involved.
<date>OIDMain.log shows, for example:
...<snip>...
Password updation failed in child process
Inside sgslutilsplitData
decrypted ...
guidlen =
24
password length =
8
Returning values now
About to encrypt data to be stored in DataStore
Invoking OID Entry
Inside OIDEntry
GUID outside -->
dI0zy8YYC02VPH9CZZzt1A==
Inside updateOID
Inside sgsladac c-tor
AD Host
<AD_HOSTNAME>
AD Port
389
AD Base DN
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Inside ConnectToADSI
ADSI Bind success full
Inside AD Search User
About to fire the search request
TEST BASE -->
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
AD search for a user objectGUID is successfull: for Configured SourceAttr
Count success
Geting Attribute Value
Value retrieved from AD for
objectGUID
Base64 encoded Value:=
dI0zy8YYC02VPH9CZZzt1A==
sourceAttributevalue from AD:
dI0zy8YYC02VPH9CZZzt1A==
Oid Filter New
(&(objectClass=orcladuser)(orclObjectGUID=<GUID_VALUE>))
REG BASE Key ===
SYSTEM\CurrentControlSet\Control\Lsa\orclidmpwf\OIDConfig
OID Host Key
OIDHost
OID Host Value ====
<OID_HOSTNAME>
OID Base DN is ---->
cn=users,dc=<COMPANY_NAME>,dc=com
About to retrive connection
OID is down about to write to Event Log
Inside sgsladds::sgslperwriteData YOOOO
Inside sgsladac c-tor
AD Host
<AD_HOSTNAME>
AD Port
389
AD Base DN
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Only dataattribute
Got Registry enteries
contact
description
Got Entiredn
OU=orclpwf<COMPANY_NAME>,OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Encrypted record already exists in Datastore
Already Exists
Encrypted record already exists in Datastore
Already Exists
Inside sgsladdsSearchUser
Firing Search Request
AD search for a user objectGUID is successfull
Count success
Search result fetched
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
--------------------&&&----------------
Inside sgsladds::sgsladdsgetData NEW Look
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Encoded Data Extracted in sgsladdsgetData
417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Moving out sgsladdsgetData
Encoded Data Extracted
417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
MAX_RETRY LIMIT count is not updated: OID is down
0
numretries ======
0
Inside sgslcodsupdateChild
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Encrypted record data updated successfully
Inside sgsladac destructor
Inside sgslodac destructor
Inside sgsladac destructor
Password updation failed in child process
...<snip>...
Password updation failed in child process
Inside sgslutilsplitData
decrypted ...
guidlen =
24
password length =
8
Returning values now
About to encrypt data to be stored in DataStore
Invoking OID Entry
Inside OIDEntry
GUID outside -->
dI0zy8YYC02VPH9CZZzt1A==
Inside updateOID
Inside sgsladac c-tor
AD Host
<AD_HOSTNAME>
AD Port
389
AD Base DN
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Inside ConnectToADSI
ADSI Bind success full
Inside AD Search User
About to fire the search request
TEST BASE -->
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
AD search for a user objectGUID is successfull: for Configured SourceAttr
Count success
Geting Attribute Value
Value retrieved from AD for
objectGUID
Base64 encoded Value:=
dI0zy8YYC02VPH9CZZzt1A==
sourceAttributevalue from AD:
dI0zy8YYC02VPH9CZZzt1A==
Oid Filter New
(&(objectClass=orcladuser)(orclObjectGUID=<GUID_VALUE>))
REG BASE Key ===
SYSTEM\CurrentControlSet\Control\Lsa\orclidmpwf\OIDConfig
OID Host Key
OIDHost
OID Host Value ====
<OID_HOSTNAME>
OID Base DN is ---->
cn=users,dc=<COMPANY_NAME>,dc=com
About to retrive connection
OID is down about to write to Event Log
Inside sgsladds::sgslperwriteData YOOOO
Inside sgsladac c-tor
AD Host
<AD_HOSTNAME>
AD Port
389
AD Base DN
OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Only dataattribute
Got Registry enteries
contact
description
Got Entiredn
OU=orclpwf<COMPANY_NAME>,OU=USERS,ou=myou,dc=<COMPANY_NAME>,dc=com
Encrypted record already exists in Datastore
Already Exists
Encrypted record already exists in Datastore
Already Exists
Inside sgsladdsSearchUser
Firing Search Request
AD search for a user objectGUID is successfull
Count success
Search result fetched
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
--------------------&&&----------------
Inside sgsladds::sgsladdsgetData NEW Look
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Encoded Data Extracted in sgsladdsgetData
417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Moving out sgsladdsgetData
Encoded Data Extracted
417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
MAX_RETRY LIMIT count is not updated: OID is down
0
numretries ======
0
Inside sgslcodsupdateChild
0:417 7 U364306298 400 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA9Q1qdTZKCk+EQHh70lZQcgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADEXi10uq0tNwDKB1nfmAnUcooeIrR+AHvlFLXGXXYtmwAAAAAOgAAAAAIAACAAAAC0kUJnWeMVJML18DTXNNMZQEYv9giCElaCIur2gWCT2DAAAABqF1l3WALVHtckkpkPulKxj/lVbYlGRZsHbYnN39k3jIdrFdA2I4cENgqbe+laCTZAAAAATI43PUBHsy1ZJbLvPIcbj5bNouj0OKH8paCIyQZCpPQtr4bJa5S9UAIAFadMHEdp9yRDu8en+GUnT3iu+7SH5w==
Encrypted record data updated successfully
Inside sgsladac destructor
Inside sgslodac destructor
Inside sgsladac destructor
Password updation failed in child process
...<snip>...
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |