OUD - EUS Root-level Account, SASL Logins Cannot Use Anything Stronger Than AES Password Encryption

(Doc ID 2388599.1)

Last updated on APRIL 30, 2018

Applies to:

Oracle Unified Directory - Version and later
Information in this document applies to any platform.


Can password encryption EUS PBKDF2 SHA-512 be used for the EUS admin?

Is a reversible password storage scheme required for the password of the EUS admin?

Attempts to log in using SASL (from OEM EUS integration) fail:

[16/Apr/2018:08:18:51 -0400] CONNECT conn=203485 from=<IP>:57678 to=<IP>:1389 protocol=LDAP
[16/Apr/2018:08:18:51 -0400] BIND REQ conn=203485 op=0 msgID=1 type=SASL mechanism=DIGEST-MD5 dn="" version=3
[16/Apr/2018:08:18:51 -0400] BIND RES conn=203485 op=0 msgID=1 result=14 etime=6
[16/Apr/2018:08:18:51 -0400] BIND REQ conn=203485 op=1 msgID=2 type=SASL mechanism=DIGEST-MD5 dn="" version=3
[16/Apr/2018:08:18:51 -0400] BIND RES conn=203485 op=1 msgID=2 result=49 authFailureID=1245392 authFailureReason="SASL DIGEST-MD5 authentication is not possible for user cn=eusdm,cn=Root DNs,cn=config because none of the passwords in the user entry are stored in a reversible form" etime=107



Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms