OUD Proxy with AD Extension Fails Intermittently with the Error "00002040: SvcErr: DSID-031403F9, problem 5010 (UNAVAIL_EXTENSION), data 0"
(Doc ID 2915512.1)
Last updated on APRIL 17, 2024
Applies to:
Oracle Unified Directory - Version 12.2.1.3 and laterInformation in this document applies to any platform.
Symptoms
OUD proxy Server is connecting to couple of AD server using the AD server extensions and different workflow elements.
Intermittently OUD clients (OAM in this case) are getting access denied errors while using the applications after login.
Log files print the below information:
[2022-10-21T16:53:54.649+00:00] [OAM_SERVER] [ERROR] [] [oracle.oam.user.identity.provider] [tid: [ACTIVE].ExecuteThread: '31' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <WLS Kernel>] [ecid: ECID,0:3:1] [APP: OAM_SERVER] [partition-name: DOMAIN] [tenant-name: GLOBAL] Failed to check if user : XXXXX_users, is assigned to group : OAMIDStore : for idstore oracle.igf.ids.IDSException: Failed to get the next entry. Unwilling to Perform AdditionalInfo: LDAP Error 53 : [LDAP: error code 12 - 00002040: SvcErr: DSID-031403F9, problem 5010 (UNAVAIL_EXTENSION), data 0[[
Please note that the error message does not take into account the DN renaming occurring between client base DN:dc=SUFFIX_DN_1 and source base DN:ou=regular accounts,dc=SUFFIX_DN_2 with exception {3}. oracle.security.am.engines.common.identity.provider.exceptions.IdentityProviderException: OAMSSA-20037: Failed to check if user : cfa_users, is assigned to group : OAMIDStore : for idstore oracle.igf.ids.IDSException: Failed to get the next entry. Unwilling to Perform AdditionalInfo: LDAP Error 53 : [LDAP: error code 12 - 00002040: SvcErr: DSID-<DSID>, problem 5010 (UNAVAIL_EXTENSION), data 0
Please note that the error message does not take into account the DN renaming occurring between client base DN:dc=SUFFIX_DN_1 and source base DN:ou=regular accounts,dc=SUFFIX_DN_2 with exception {3}.
at oracle.security.am.engines.common.identity.provider.impl.ids.IDSRoleProviderImpl.isUserAssignedToGroup(IDSRoleProviderImpl.java:449)
at oracle.security.am.engines.common.identity.provider.impl.IdentityProviderImpl.isUserAssignedToGroup(IdentityProviderImpl.java:829)
...
Caused by: : [LDAP: error code 12 - 00002040: SvcErr: DSID-031403F9, problem 5010 (UNAVAIL_EXTENSIO_Failed to get the next entry. Unwilling to Perform AdditionalInfo_ LDAP Error 53N), data 0
Please note that the error message does not take into account the DN renaming occurring between client base DN:dc=SUFFIX_DN_1 and source base DN:ou=regular accounts,dc=SUFFIX_DN_2 with exception {3}. oracle.security.am.engines.common.identity.provider.exceptions.IdentityProviderException: OAMSSA-20037: Failed to check if user : cfa_users, is assigned to group : OAMIDStore : for idstore oracle.igf.ids.IDSException: Failed to get the next entry. Unwilling to Perform AdditionalInfo: LDAP Error 53 : [LDAP: error code 12 - 00002040: SvcErr: DSID-<DSID>, problem 5010 (UNAVAIL_EXTENSION), data 0
Please note that the error message does not take into account the DN renaming occurring between client base DN:dc=SUFFIX_DN_1 and source base DN:ou=regular accounts,dc=SUFFIX_DN_2 with exception {3}.
at oracle.security.am.engines.common.identity.provider.impl.ids.IDSRoleProviderImpl.isUserAssignedToGroup(IDSRoleProviderImpl.java:449)
at oracle.security.am.engines.common.identity.provider.impl.IdentityProviderImpl.isUserAssignedToGroup(IdentityProviderImpl.java:829)
...
Caused by: : [LDAP: error code 12 - 00002040: SvcErr: DSID-031403F9, problem 5010 (UNAVAIL_EXTENSIO_Failed to get the next entry. Unwilling to Perform AdditionalInfo_ LDAP Error 53N), data 0
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |