OUD Traffic from Unix Clients Using PAM Authentication Increased Significantly (Doc ID 2920346.1)

Last updated on JANUARY 12, 2023

Applies to:

Symptoms

Applied SSL certificates to Oracle Unified Directory (OUD) LDAP that were expiring and restarted the service.

No client side changes were done.

The unix clients in question, using PAM (Pluggable Authentication Module) authentication, are actually not even using SSL/lLDAPS configuration with OUD, just regular LDAP, so the above change does not seem related, and perhaps only the fact that OUD was restarted is related.

Since the server change, seeing increased volumes from application clients.

The OUD logs are showing a lot more of the following searches over and over from all the different clients:

Understand that privilege for the accounts could be opened but that is not secure or desired so would not be the correct solution, and could even create performance problems.

In addition, the same searches appear prior to the server change, so these searches/failures could be normal/expected part of the authentication flow.

The clients are not experiencing any problem and continue to login and work ok.

The only problem is that the traffic seems to have increased considerably and so has the number of the searches reported in the OUD logs.

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.