Linux O/S Authentication Against OID / Ldapsearch Fails With "ldap_sasl_interactive_bind_s: Local error" / su to a user Fails With "user does not exist". Or Fails with: /usr/bin/id: cannot find name for group ID <GROUP_ID>
(Doc ID 277739.1)
Last updated on APRIL 03, 2020
Applies to:Oracle Internet Directory - Version 9.0.4 and later
Linux OS - Version Oracle Linux 4.4 and later
Information in this document applies to any platform.
Red Hat Advanced Server
Oracle Internet Directory (OID).
OID built-in ldap command line, clients and applications are working and authenticating against OID without problems.
Trying to use OID ldap for Operating System (OS / O/S) or corportate authentication mechanism, i.e., Redhat Unix boxes to authenticate via OID.
When running the client ldap_search, it returns:
When trying "su" to a user defined in oracle LDAP server, it returns:
It appears that redhat openldap has built-in sasl, so to authenticate without sasl, tried downloading and recompiling, and reinstalling openldap on redhat without sasl, ran authconfig and put in the OID server ip address and the base db of cn=Users,<subscriber domain>. Ldapsearch return all users, but su to a user still fails with the same user does not exist error.
Cron adds these errors in the log:
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document