OUD11g/12c - EUS Setup for User External Authentication Works for Some Users and Fails with Other Users in Different Suffix with ORA-01017
(Doc ID 2312243.1)
Last updated on JUNE 05, 2023
Applies to:
Oracle Unified Directory - Version 12.2.1.3 and laterInformation in this document applies to any platform.
Symptoms
EUS implementation for Oracle database to authenticate Oracle database users with OUD.
This works fine for users under cn=users,<SUFFIX_DN>.
However, in the OUD instance, there are also users in a different location. For example - uid=<UID>,cn=<OTHER_USERS>,<SUFFIX_DN>
When connecting from clients receiving ORA-01017 error.
After enable the trace in the database, found that OUD search only under cn=users,dc=<SUFFIX_DN>.
KZLD_ERR: 0
kzld_search -s sub -b cn=OracleDBSecurity,cn=Products,cn=OracleContext,<SUFFIX_DN>
search filter: (&(objectclass=orcldbenterprisedomain_82)(uniqueMember=cn=xxxxx,cn=OracleContext,<SUFFIX_DN>))
KZLD_ERR: 0
kzldsp found policy ALL
kzld_search -s base -b cn=Common,cn=Products,cn=OracleContext,<SUFFIX_DN>
search filter: objectclass=*
KZLD_ERR: 0
kzld found uid for orclCommonNicknameAttribute
kzldsearch_ext -s sub -b cn=users,<SUFFIX_DN>
search filter: uid=<UID>
KZLD_ERR: failed the search 28304.
number of entries: 0
KZLD_ERR: 28304
KZLD_ERR: failed to locate user of name <USER.1>
KZLD is doing LDAP unbind
Probably It is necessary perform some modification to make this user search in the other container.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |