My Oracle Support Banner

Failure to Bind as User from Secondary Participant in a Proxy ForkJoin Configuration (Doc ID 2436170.1)

Last updated on MARCH 08, 2019

Applies to:

Oracle Unified Directory - Version and later
Information in this document applies to any platform.


According to OUD 12c documentation, binding as a user that only exists in the secondary participant of a proxy forkjoin configuration (where the join policy is set to full-outer-join) will work.

"When join-policy is set to full-outer-join and BIND operation is enabled on secondary participant, then bind is allowed even for secondary-only users that do not exist in the primary participant at all."

Please reference the following links to documentation for further details.

Fusion Middleware Administering Oracle Unified Directory About Bind Operations

Fusion Middleware Administering Oracle Unified Directory About ForkJoin Participants

However, this is not the case. Attempts to bind as a user from the secondary participant fail. In the example below, the configured join suffix is "dc=example,dc=com" and an attempt to bind as "uid=ckent,ou=people,dc=example,dc=com" (who exists only on the secondary participant) fails.
[oracle@example bin]$ ./ldapsearch -p 10389 -D "uid=ckent,ou=people,dc=example,dc=com" -w welcome1 -b "dc=example,dc=com" uid=*
The simple bind attempt failed
Result Code: 49 (Invalid Credentials)
[oracle@example bin]$




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.