OUD11g/12c - LdapBind Is Successful But Ldapsearch Is Failing

(Doc ID 2346151.1)

Last updated on JANUARY 10, 2018

Applies to:

Oracle Unified Directory - Version 11.1.1.5.0 to 12.2.1.3.0 [Release 11g to 12c]
Information in this document applies to any platform.

Symptoms


Ldapbind is successful but Ldapsearch is failing

For this specific case, the LDAP client is - Siebel LDAP/SSO with OAM - but it could occur for any client.

Example of successful ldapbind -

ldapbind -D uid=user.0,ou=people,dc=example,dc=com -w password -p 1389
bind successful



ldapsearch example showing the entry not returned when authenticating as the same user used in ldapbind (above) when searching for a specific user under the suffix dc=example,dc=com -

bash-4.1$ ./ldapsearch -p 1389 -D "uid=user.0,ou=People,dc=example,dc=com" -w password -b "dc=example,dc=com" "uid=user.1" dn

bash-4.1$

Access log shows BIND successful (BIND RES line with result=0) but SEARCH does not return the entry (SEARCH RES line with result=0 but nentries=0, where nentries value indicates the number of entries returned) -

[10/Jan/2018:15:30:49 +0000] CONNECT conn=16 from=127.0.0.1:34971 to=127.0.0.1:1389 protocol=LDAP
[10/Jan/2018:15:30:49 +0000] BIND REQ conn=16 op=0 msgID=1 type=SIMPLE dn="uid=user.0,ou=People,dc=example,dc=com" version=3
[10/Jan/2018:15:30:49 +0000] BIND RES conn=16 op=0 msgID=1 result=0 authDN="uid=user.0,ou=People,dc=example,dc=com" etime=4
[10/Jan/2018:15:30:49 +0000] SEARCH REQ conn=16 op=1 msgID=2 base="dc=example,dc=com" scope=sub filter="(uid=user.1)" attrs="dn"
[10/Jan/2018:15:30:49 +0000] SEARCH RES conn=16 op=1 msgID=2 result=0 nentries=0 etime=3
[10/Jan/2018:15:30:49 +0000] UNBIND REQ conn=16 op=2 msgID=3
[10/Jan/2018:15:30:49 +0000] DISCONNECT conn=16 reason="Client Disconnect"




Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms