ODSEE - After an Update From an LDAP Client the Replica Consumer contains the New User Password, Primary Replica Still Contains the Old User Password (Doc ID 2354884.1)

Last updated on NOVEMBER 29, 2022

Applies to:

Symptoms

Two ODSEE instances - one Primary Server and one Consumer

The Consumer has the correct referral implemented that targets the Primary Server.

A Linux RHEL7 station uses a Native LDAP (Naming Services) configuration with SSSD - System Security Services Daemon and is connected to the Consumer LDAP (SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms).

When a user of the Linux station changes the password, the sssd-ldap will try to update the Consumer, the Consumer will receive the new password, but the Primary Server still has the old password...

An ldapmodify test done on a user via consumer will be correctly done in Primary Server and Consumer where the consumer will receive the referral and return the referral  (with information about the Primary Server) back to the client so that the Primary Server receives the write operation.

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.