My Oracle Support Banner

OVD 11g: Adding User with Password into LSA, the Userpassword Attribute is Not Being Stored / Hashed as SSHA. Login Attempt Shows in OVD Log with: [ERROR] [OVD-60401] Password Encryption type AES-CBC not supported | Operation error {0} (Doc ID 2153805.1)

Last updated on DECEMBER 02, 2019

Applies to:

Oracle Virtual Directory - Version and later
Information in this document applies to any platform.


Oracle Virtual Directory (OVD) 11g user add password is not being stored as SSHA.

Configuring OVD server with a local store adapter (LSA) and adding a new user using a ldif file and ldapadd command.

The LSA is configured to store userpassword as SSHA, however, it shows the user's password stored as follows:

dn: uid=<USERNAME>,ou=<OU>,dc=<COMPANY>,dc=com
userPassword: {AES-CBC}xxxxxxxxxxxxxxxxxxxx

And when this user tries to login with this account, the following error is logged:

[2016-06-22T15:40:54.608-04:00] [octetstring] [ERROR] [OVD-60401] [com.octetstring.vde.util.PasswordEncryptor] [tid: xx] [ecid: <ECID>] Password Encryption type AES-CBC not supported
[2016-06-22T15:43:11.595-04:00] [octetstring] [ERROR] [] [com.octetstring.vde.OperationHandler] [tid: xx] [ecid: <ECID>] Operation error {0} [[
com.octetstring.vde.util.DirectoryException: Error occured in communicating with client: Connection reset.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.