My Oracle Support Banner

Oracle Identity Federation 11g (OIF 11.1.1.2.0) Login to Salesforce and Spark are Failing Intermittently "error while interacting with an LDAP server or JNDI module" (Doc ID 2306404.1)

Last updated on MARCH 14, 2019

Applies to:

Oracle Identity Federation - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Identity Federation 11g (OIF 111120) Authentication to Salesforce and Spark are Failing Intermittently

1. Customer did OS patching one one of the nodes of OIF servers and restarted OIF applications on both nodes i.e. node1 and node2
2. Applications didn't started successfully and OIF deployment was in failed status.
3. Issue was fixed later by Disabling the configuration (configrdbmsenabled = false) pulling from database. OIF servers came back after that. We reset the parameter back to true and there was no issue post that too.
4. After this all applications were working fine except Salesforce and Spark.
5. When the appliation on node1 (patched server) is shut down, then all the applications are working as expected.
6. Temporary run on a single node on that time.

Errors from OIF diagnostic logs:

[2017-07-29T00:07:28.583+10:00] [wls_oif1] [WARNING] [DFW-40125] [oracle.dfw.incident] [tid: [ACTIVE].ExecuteThread: '0' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 005LM4nYsc1EkJGLqyp2iY0001Vf0004Qh,0:3] [APP: OIF#111120] [URI:
/fed/idp/initiatesso] [arg: FED-10152 [wls_oif1][oracle.security.fed.model.util.ldap.LDAPConnectionFactory]]
incident flood controlled with Problem Key "FED-10152 [wls_oif1][oracle.security.fed.model.util.ldap.LDAPConnectionFactory]"

[2017-07-29T00:07:28.582+10:00] [wls_oif1] [INCIDENT_ERROR] [FED-10152] [oracle.security.fed.model.util.ldap.LDAPConnectionFactory] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
005LM4nYsc1EkJGLqyp2iY0001Vf0004Qh,0:3] [APP: OIF#111120] [URI: /fed/idp/initiatesso] LDAP BindDN or passwd is incorrect.

[2017-07-29T00:07:28.584+10:00] [wls_oif1] [TRACE] [] [oracle.security.fed.plugins.audit.AuditListener] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
005LM4nYsc1EkJGLqyp2iY0001Vf0004Qh,0:3] [SRC_CLASS: oracle.security.fed.plugins.audit.AuditListener] [APP: OIF#111120]
[SRC_METHOD: process] [URI: /fed/idp/initiatesso] action=0

[2017-07-29T00:07:28.585+10:00] [wls_oif1] [ERROR] [FED-12031] [oracle.security.fed.model.user.ldap.LDAPUserJVT] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
005LM4nYsc1EkJGLqyp2iY0001Vf0004Qh,0:3] [APP: OIF#111120] [URI: /fed/idp/initiatesso] NamingException: error while interacting with an LDAP
server or JNDI module[[
javax.naming.NamingException: bindDN or bind passwd is incorrect
at oracle.security.fed.model.util.ldap.LDAPConnectionFactory.openConnection(Unknown Source)
at oracle.security.fed.model.util.ldap.LDAPConnectionFactory.checkOutConnection(Unknown Source)
at oracle.security.fed.model.util.ldap.LDAPConnectionManager.getConnection(Unknown Source)
at oracle.security.fed.model.user.ldap.LDAPUserJVT.getAttributes(Unknown Source)

 

Make some troubleshooting steps, some of them:

- We tried to change authentication engine ldappasswd with updatecred
updateCred(map="OIF", key="ldappassword", user="cn=orcladmin", password="******", desc="user ldap passwd for Auth Engine")
password used is correct, we tested before ldapbind to oid and it is successful

- Verify by running on OIF AdminServer,
listCred(map="OIF", key="userldappassword")
listCred(map="OIF", key="ldappassword")
and confirm it display actual passwd.

- Still LDAP passwd issue is seen while fetching attributes for the authenticated user

Changes

 OS patching on one of the node 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.