LDAP Error 32 Reported At IDS Layer While Overriding Search Base After PS3 Upgrade (Doc ID 2250954.1)

Last updated on JUNE 09, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.9.0 and later
Oracle Access Manager - Version 11.1.1.9.0 and later
Information in this document applies to any platform.

Symptoms

- The use case is an attempt to use authentication modules with a different search base (KEY_SEARCH_BASE_URL)
for each application. In OAM 11gR2PS3 this fails. With this setup in OAM 11gR2PS1, user authentication works as expected.
After upgrading OAM 11gR2PS1 to 11gR2PS3 with the same configuration, user authentication breaks for applications that use
different authentication module plug-ins.

- The use-case configuration that worked in 11gR2PS1 is as follows:
OVDIDStore
User Search Base: cn=ovd,dc=idc,dc=oracle,dc=com
Group search base: cn=ovd,dc=idc,dc=oracle,dc=com

Authentication Module
Step UserID, Plugin name: UserIdentificationPlugin
KEY_IDENTITY_STORE_REF: OVDIDStore
KEY_SEARCH_BASE_URL: cn=newoid,dc=idc,dc=oracle,dc=com

> Here KEY_SEARCH_BASE_URL is completely different from, and does not overlap with, the OVDIDStore User Search Base.

This worked fine in 11gR2PS1.

- 11gR2PS3 uses IDS, which was not the case with 11gR2PS1.
The error observed in the log is as follows:

[2016-10-24T11:29:34.088+10:00] [oamServer1] [TRACE] [IGF-00003] [oracle.igf.ovd] [tid: [ACTIVE].ExecuteThread: '9' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000001J0T_y8how5GFw0yf00vW0Q00005w,0:2] [APP: oam_server#11.1.2.0.0]
[SRC_CLASS: com.oracle.ovd.arisid.util.Logger] [SRC_METHOD: fine] No such entity: entity=cn=newoid,dc=idc,dc=oracle,dc=com op=search mesg=No Such Object LDAP Error 32 : No Such Object

or:

[2017-01-04T15:43:15.854+05:30] [oam_server1] [ERROR] [OAMSSA-20070]
[oracle.oam.user.identity.provider] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
005HK86zsFQEkJk_Kx9Die0002lb0007id,0:1:5:5] [APP: oam_server#11.1.2.0.0] Failure locating user with search base: cn=newoid,dc=idc,dc=oracle,dc=com.
filter: (uid={0}) and arguments: nav_ovd, for idstore oracle.igf.ids.IDSException: No such entity: entity=cn=newoid,dc=idc,dc=oracle,dc=com op=search mesg=
AdditionalInfo: LDAP Error 32 : No Such Object with exception {4}
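
A triage aid for the symptom above, added here as an example and not part of the Oracle note: it extracts the failing search base from the "No such entity" messages and reports whether that DN lies under the identity store's User Search Base, which is the non-overlap pointed out in the configuration. The function names are assumptions, the log lines are abridged from the excerpts above, and the DN comparison is simplified (it splits on unescaped commas and compares RDNs case-insensitively).

```python
import re

# Matches the IDS/OVD message that appears in both log excerpts above.
NO_ENTITY = re.compile(r"No such entity: entity=(?P<dn>.+?) op=search")

def split_dn(dn):
    """Split a DN into normalized RDNs, honouring backslash-escaped commas."""
    parts = re.split(r"(?<!\\),", dn)
    return [re.sub(r"\s*=\s*", "=", p.strip()).lower() for p in parts if p.strip()]

def is_under(dn, base):
    """True if dn equals base or sits below it in the directory tree."""
    d, b = split_dn(dn), split_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def failed_search_bases(log_lines):
    """Return the distinct DNs that were reported as 'No such entity'."""
    seen = []
    for line in log_lines:
        m = NO_ENTITY.search(line)
        if m and m.group("dn") not in seen:
            seen.append(m.group("dn"))
    return seen

def triage(log_lines, store_user_base):
    """Pair each failing search base with whether it lies under the store's base."""
    return [(dn, is_under(dn, store_user_base)) for dn in failed_search_bases(log_lines)]

# Log messages abridged from the excerpts above (timestamp and thread fields dropped).
SAMPLE_LOG = [
    "[TRACE] [IGF-00003] [oracle.igf.ovd] No such entity: "
    "entity=cn=newoid,dc=idc,dc=oracle,dc=com op=search mesg=No Such Object LDAP Error 32 : No Such Object",
    "[ERROR] [OAMSSA-20070] [oracle.oam.user.identity.provider] Failure locating user with search base: "
    "cn=newoid,dc=idc,dc=oracle,dc=com. filter: (uid={0}) and arguments: nav_ovd, for idstore "
    "oracle.igf.ids.IDSException: No such entity: entity=cn=newoid,dc=idc,dc=oracle,dc=com op=search mesg=",
]

# User Search Base of OVDIDStore, taken from the configuration above.
OVDIDSTORE_USER_BASE = "cn=ovd,dc=idc,dc=oracle,dc=com"

if __name__ == "__main__":
    for dn, inside in triage(SAMPLE_LOG, OVDIDSTORE_USER_BASE):
        status = "under" if inside else "OUTSIDE"
        print(f"{dn}: {status} identity store base {OVDIDSTORE_USER_BASE}")
```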



Changes

Upgrade of OAM from 11gR2PS1 to 11gR2PS3.

Cause
