OUD12c - When Running 'ldapsearch' Command Observing StartTLS Error - "EXTENDED RES ... name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=52 message="StartTLS cannot be enabled on this LDAP client connection ..."
(Doc ID 2495619.1)
Last updated on APRIL 18, 2022
Applies to:
Oracle Unified Directory - Version 12.2.1.3.0 and later
Information in this document applies to any platform.
Symptoms
Running ldapsearch with the -q option fails with a StartTLS error:
$ ./ldapsearch -h host -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -q -b "ou=People,<SUFFIX_DN>" -s sub "uid=<USER.0>*" dn
Password for user 'cn=<DS_ADMIN>':
StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests. The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute
Result Code: 52 (Unavailable)
Additional Information: StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests. The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute
The OUD access log shows the rejected request:
[17/Jan/2019:03:37:09 +0000] EXTENDED REQ conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"
[17/Jan/2019:03:37:09 +0000] EXTENDED RES conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=52 message="StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests. The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute" etime=10
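An added example (not part of the Oracle document): a small Python parser for the access-log format shown above that reports StartTLS extended operations the server refused, so affected client connections can be found in bulk. The conn=5 and conn=6 sample lines and all function and field names are constructed for illustration.

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"

# Constructed sample: the conn=4 lines follow the log excerpt on this page;
# the conn=5 (accepted StartTLS) and conn=6 (search) lines are invented for contrast.
SAMPLE_LOG = '''\
[17/Jan/2019:03:37:09 +0000] EXTENDED REQ conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"
[17/Jan/2019:03:37:09 +0000] EXTENDED RES conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=52 message="StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests. The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute" etime=10
[17/Jan/2019:03:38:00 +0000] EXTENDED REQ conn=5 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"
[17/Jan/2019:03:38:00 +0000] EXTENDED RES conn=5 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=0 etime=3
[17/Jan/2019:03:38:01 +0000] SEARCH REQ conn=6 op=1 msgID=2 base="ou=People" scope=sub filter="(uid=a=b)"
'''

LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\]\s+(?P<op>\w+)\s+(?P<phase>REQ|RES)\s+(?P<rest>.*)$')
# key=value pairs; a quoted value is consumed whole, so spaces and '=' inside it are safe
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

def parse_line(line):
    """Split one access-log line into a dict of fields, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m["rest"])}
    fields.update(ts=m["ts"], op_type=m["op"], phase=m["phase"])
    return fields

def rejected_starttls(log_text):
    """Return one record per StartTLS extended response with a non-zero result code."""
    requested = set()  # (conn, op) pairs for which a StartTLS request was logged
    hits = []
    for line in log_text.splitlines():
        f = parse_line(line)
        if not f or f["op_type"] != "EXTENDED" or f.get("oid") != STARTTLS_OID:
            continue
        key = (f.get("conn"), f.get("op"))
        if f["phase"] == "REQ":
            requested.add(key)
        elif f.get("result", "0") != "0":
            hits.append({
                "ts": f["ts"], "conn": f.get("conn"), "result": int(f["result"]),
                "saw_request": key in requested,
                # True when the message names the handler attribute, as in this document
                "handler_rejects": "ds-cfg-allow-start-tls" in f.get("message", ""),
            })
    return hits
```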
Cause