OVD 11g: Adding User with Password into LSA, the Userpassword Attribute is Not Being Stored / Hashed as SSHA. Login Attempt Shows in OVD Log with: [ERROR] [OVD-60401] Password Encryption type AES-CBC not supported | Operation error {0} (Doc ID 2153805.1)

Last updated on SEPTEMBER 14, 2016

Applies to:

Oracle Virtual Directory - Version and later
Information in this document applies to any platform.


Oracle Virtual Directory (OVD) 11g user add password is not being stored as SSHA.

Configuring OVD server with a local store adapter (LSA) and adding a new user using a ldif file and ldapadd command.

The LSA is configured to store userpassword as SSHA, however, it shows the user's password stored as follows:

dn: uid=myuser,ou=myou,dc=mycompany,dc=com
userPassword: {AES-CBC}viseLT8C5eVmo24EJlrjxkjsLG6Ps+XMrxlADsXl0hw6SrLoWCSA+JBRqIwA1AD27Pz+exDDKE7ZUQD1nmBW8Q==
uid: myuser

And when this user tries to login with this account, the following error is logged:

[2016-06-22T15:40:54.608-04:00] [octetstring] [ERROR] [OVD-60401] [com.octetstring.vde.util.PasswordEncryptor] [tid: 53] [ecid: 0000LLtcIzGBt1oYCT6EVS1NNTuJ01_z4w,0] Password Encryption type AES-CBC not supported
[2016-06-22T15:43:11.595-04:00] [octetstring] [ERROR] [] [com.octetstring.vde.OperationHandler] [tid: 55] [ecid: 0000LLtcoRfBt1oYCT6EVS1NNTuJ01a1Pv,0] Operation error {0} [[
com.octetstring.vde.util.DirectoryException: Error occured in communicating with client: java.net.SocketException: Connection reset.





Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms