
Linux O/S Authentication Against OID / Ldapsearch Fails With "ldap_sasl_interactive_bind_s: Local error" / su to a user Fails With "user does not exist". Or Fails with: /usr/bin/id: cannot find name for group ID <GROUP_ID> (Doc ID 277739.1)

Last updated on APRIL 03, 2020

Applies to:

Oracle Internet Directory - Version 9.0.4 and later
Linux OS - Version Oracle Linux 4.4 and later
Information in this document applies to any platform.
Red Hat Advanced Server



Symptoms

Oracle Internet Directory (OID).

OID's built-in LDAP command-line tools, clients and applications work and authenticate against OID without problems.

The problem occurs when trying to use OID LDAP as the operating system (OS / O/S) or corporate authentication mechanism, i.e., having Red Hat Unix boxes authenticate via OID.

Scenario 1

When running the client ldap_search, it returns:

ldap_sasl_interactive_bind_s: Local error


When trying to "su" to a user defined in the Oracle LDAP server, it returns:

user does not exist


It appears that Red Hat's OpenLDAP has SASL built in. To authenticate without SASL, OpenLDAP was downloaded, recompiled and reinstalled on Red Hat without SASL, and authconfig was run with the OID server IP address and a base DN of cn=Users,<subscriber domain>. ldapsearch then returns all users, but su to a user still fails with the same "user does not exist" error.

Cron adds these errors in the log:

 

Cause
