My Oracle Support Banner

OUD - EUS Root-level Account, SASL Logins Cannot Use Anything Stronger Than AES Password Encryption (Doc ID 2388599.1)

Last updated on APRIL 30, 2018

Applies to:

Oracle Unified Directory - Version 11.1.2.3.180116 and later
Information in this document applies to any platform.

Goal

Can password encryption EUS PBKDF2 SHA-512 be used for the EUS admin?

Is a reversible password storage scheme required for the password of the EUS admin?

Attempts to log in using SASL (from OEM EUS integration) fail:

[16/Apr/2018:08:18:51 -0400] CONNECT conn=203485 from=<IP>:57678 to=<IP>:1389 protocol=LDAP
[16/Apr/2018:08:18:51 -0400] BIND REQ conn=203485 op=0 msgID=1 type=SASL mechanism=DIGEST-MD5 dn="" version=3
[16/Apr/2018:08:18:51 -0400] BIND RES conn=203485 op=0 msgID=1 result=14 etime=6
[16/Apr/2018:08:18:51 -0400] BIND REQ conn=203485 op=1 msgID=2 type=SASL mechanism=DIGEST-MD5 dn="" version=3
[16/Apr/2018:08:18:51 -0400] BIND RES conn=203485 op=1 msgID=2 result=49 authFailureID=1245392 authFailureReason="SASL DIGEST-MD5 authentication is not possible for user cn=eusdm,cn=Root DNs,cn=config because none of the passwords in the user entry are stored in a reversible form" etime=107

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.