OUD 12c Admin User Bypasses HandleBind Plug-in / Custom PlugIn Bind Fails for Users Under cn=root dns,cn=config: [LDAP: error code 50 - The request control with Object Identifier (OID) "18.104.22.168.2.10.15" cannot be used due to insufficient access rights]
(Doc ID 2699833.1)
Last updated on AUGUST 14, 2020
Applies to:Oracle Unified Directory - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Oracle Unified Directory (OUD)12c admin user bypasses custom handleBind plug-in.
Clients using several LDAP controls not implemented in OUD (for example admin control 126.96.36.199.2.10.15).
OUD server rejects the user connections with the following message:
To prevent this error, a custom plugin (for Bind and Modify operations) was created that suppresses undesired controls.
This plug in works perfectly with non-root users but not for Bind operation for users created under cn=Root DNs,cn=config (in this case is ds-cfg-alternate-bind-dn: cn=root).
The documentation does not show any restrictions for handleBind and type of users making the requests. Is this a bug or product design?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document