My Oracle Support Banner

ODSEE - After an Update From an LDAP Client the Replica Consumer contains the New User Password, Primary Replica Still Contains the Old User Password (Doc ID 2354884.1)

Last updated on MAY 19, 2021

Applies to:

Oracle Directory Server Enterprise Edition - Version and later
Information in this document applies to any platform.


Two ODSEE instances - one Primary Server and one Consumer

The Consumer has the correct referral implemented that targets the Primary Server.

A Linux RHEL7 station uses a Native LDAP (Naming Services) configuration with SSSD - System Security Services Daemon and is connected to the Consumer LDAP (SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms).

When a user of the Linux station changes the password, the sssd-ldap will try to update the Consumer, the Consumer will receive the new password, but the Primary Server still has the old password...

An ldapmodify test done on a user via consumer will be correctly done in Primary Server and Consumer where the consumer will receive the referral and return the referral  (with information about the Primary Server) back to the client so that the Primary Server receives the write operation.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.