Multiple Values of Attribute with Binary Syntax Added to SINGLE-VALUE Custom Siteminder Attribute After Upgrade to Oracle Unified Directory (OUD) 11g PS3 (Doc ID 2157733.1)

Last updated on APRIL 14, 2022

Applies to:

Oracle Unified Directory - Version 11.1.2.3.1 and later
Information in this document applies to any platform.

Symptoms

On version 11.1.2.3.1, Configuration


After upgrading to 11g PS3, multiple values of a custom Siteminder attribute are added to an entry when attempting to add, modify, or delete the custom Siteminder attribute. In the example below, the Siteminder attribute is "CAhintSMpassworddata", which stores password history in the entry and is defined in the schema with binary syntax and a single-value configuration.


Expected behavior: after upgrading, it should be possible to add, modify, or delete the original custom attribute without additional occurrences of the attribute being created in the user entry.

The issue can be reproduced at will with the following steps:

Install 11.1.2.2.0 and add entries with CAhintSMpassworddata, using the schema in the 99-user.ldif file:

$ ./ldapsearch -p <PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -b "<SUFFIX_DN>" "cahintsmpassworddata=*" cahintsmpassworddata
dn: uid=<UID1>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

dn: uid=<UID2>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

dn: uid=<UID3>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>


=====================

- ./stop-ds -- Stop the instance
- ./runInstaller -jreLoc -- GUI installation of 11.1.2.3.0 over ORACLE_HOME of 11.1.2.2.0
[ upgraded opatch]
- opatch apply -- Apply 11.1.2.3.1 patch

- ./start-ds -F  -- Start the instance

$ ./start-ds -F
Oracle Unified Directory 11.1.2.3.1
Build ID: 20151009134626Z
Major Version: 11
Maintenance Version: 1
Release Version: 2
Component Version: 3
Platform Version: 1
Patch Version:
Label Identifier: 1510090506
Debug Build: false
Build OS: Linux 2.6.18-238.0.0.0.1.el5xen amd64
Build User: aime
Build Java Version: 1.7.0_80
Build Java Vendor: Oracle Corporation
Build JVM Version: 24.80-b11
Build JVM Vendor: Oracle Corporation
$


----------
- ./start-ds --upgrade
- ./start-ds

- Before modification of cahintsmpassworddata, only one value is shown:

./ldapsearch -p <PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -b "<SUFFIX_DN>" "cahintsmpassworddata=*" cahintsmpassworddata
dn: uid=<UID1>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

dn: uid=<UID2>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

dn: uid=<UID3>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>


- Modify cahintsmpassworddata (mod-cahintsmpassworddata) for User1 entry

- NOTE: The issue only occurs when cahintsmpassworddata has been modified *after* the upgrade.



The output below shows that, after the modification, the "User1" entry has both attributes "cahintsmpassworddata;binary" and "cahintsmpassworddata", while the other user entries do not:

$ ./ldapsearch -p <PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -b "<SUFFIX_DN>" "cahintsmpassworddata=*" cahintsmpassworddata
dn: uid=<UID1>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>
cahintsmpassworddata;binary: <ATTRIBUTE_VALUE>

dn: uid=<UID2>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

dn: uid=<UID3>,<SUFFIX_DN>
cahintsmpassworddata: <ATTRIBUTE_VALUE>

Due to this issue, Siteminder logins fail since there is more than one value of cahintSMPasswordData in an entry.
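
To find which entries are affected, the following added script (not part of the Oracle note) reads LDIF as printed by the ldapsearch commands above and lists every DN that holds more than one value of the attribute once options such as ";binary" are ignored. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Oracle code. Lists DNs whose entry carries more than one
# value of a single-valued attribute when options such as ";binary" are ignored.
# Usage: ./ldapsearch ... "cahintsmpassworddata=*" cahintsmpassworddata \
#            | find_duplicate_attr cahintsmpassworddata
find_duplicate_attr() {
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" '
        # Print the DN if the entry that just ended had more than one value.
        function end_entry() {
            if (dn != "" && count > 1) print dn
            dn = ""; count = 0
        }
        # Examine one complete (already unfolded) LDIF line.
        function handle(line,    name) {
            if (line == "") { end_entry(); return }  # blank line ends an entry
            if (line ~ /^#/) return                  # LDIF comment
            name = line
            sub(/:.*/, "", name)                     # keep the attribute description
            if (tolower(name) == "dn") {             # a base64 "dn::" stays undecoded
                dn = line
                sub(/^[^:]*::?[ ]*/, "", dn)
                return
            }
            sub(/;.*/, "", name)                     # drop options such as ;binary
            if (tolower(name) == want) count++       # attribute names ignore case
        }
        {
            sub(/\r$/, "")
            # A leading space marks a folded continuation of the previous line.
            if (have && substr($0, 1, 1) == " ") { buf = buf substr($0, 2); next }
            if (have) handle(buf)
            buf = $0; have = 1
        }
        END { if (have) handle(buf); end_entry() }
    '
}

# Constructed sample shaped like the output above (placeholder DNs and values).
sample_ldif() {
    cat <<'EOF'
dn: uid=user1,dc=example,dc=com
cahintsmpassworddata: AAAA
cahintsmpassworddata;binary:: QUJD
 REVG

dn: uid=user2,dc=example,dc=com
cahintsmpassworddata: BBBB
EOF
}
```

Running `sample_ldif | find_duplicate_attr CAhintSMpassworddata` prints only the first DN, the entry that has both the plain and the ";binary" form.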

Changes

 

Cause
