My Oracle Support Banner

ODSEE - Root-dn Password Encryption Scheme was Changed to SSHA after Changed Password (Doc ID 2290389.1)

Last updated on OCTOBER 28, 2019

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

The root-dn ("cn=<DS_ADMIN>") password encryption scheme was changed from SSHA256 to SSHA after changing the root-dn password because the root-pwd-storage-scheme value is set to SSHA.

The root-dn had a password with encryption scheme by SSHA256 when the DS instance was created as follows:

# ./dsconf get-server-prop -p <PORT> -e
.........
db-env-path : <INSTANCE_ROOT>/db
.........
.........
root-dn : cn=<DS_ADMIN>
root-pwd : {SSHA256}<ENCRYPTED_PASSWORD>

However, after changing the root-dn password, the root-dn password encryption scheme was changed from SSHA256 to SSHA as follows:

# ldapmodify -D "cn=<DS_ADMIN>" -w xxxxx -h <hostname> -p <PORT>
dn: cn=config
changetype: modify
replace: nsslapd-rootpw
nsslapd-rootpw: <NEW_PASSWORD>

modifying entry cn=config

 

# ./dsconf get-server-prop -p <portNo> -e
.........
db-env-path : <INSTANCE_ROOT>/db
.........
.........
root-dn : cn=<DS_ADMIN>
root-pwd : {SSHA}<ENCRYPTED_PASSWORD>
root-pwd-storage-scheme : SSHA

 

 

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.