After Changing a User Password in Oidadmin/OID 10g, ldapbind Fails with Invalid Credentials. A ldapsearch Returns Strange/Weird Characters for the Userpassword Value (Doc ID 789096.1)

Last updated on MARCH 13, 2019

Applies to:

Symptoms

After changing a user password in Oracle Internet Directory (OID) 10.1.4.0.1 or 10.1.4.2, Oracle Directory Manager (oidadmin Java GUI tool), a bind fails with "invalid credentials" and a search shows the userpassword value with weird characters.

Steps to reproduce:

1. Create a user, i.e. userB, like an existing/working userA, and set a userpassword such as Password1!
   
   
2. Test a bind and a search against the user, and it shows the correct password, i.e.:
   
   
   a.  ldapbind -h <oid host> -p <port> -D "cn=userB,cn=users,dc=mycompany,dc=com" -w Password1!
        > bind successful
   b.  ldapsearch -h <oid host> -p <port> -D cn=orcladmin" -w <password> -b "cn=userB,cn=users,dc=mycompany,dc=com" -L objectclass=* userpassword
        > userpassword: Password1!

1. Log into oidadmin, change the password to, i.e., Password2! for the userB.
2. Run the same bind and search commands again, the bind fails and now the userpassword shows with strange characters, i.e.:
   
   
   a.  ldapbind -h <oid host> -p <port> -D "cn=userB,cn=users,dc=mycompany,dc=com" -w Password2!
        > ldap_bind: Invalid credentials
   b. ldapsearch -h <oid host> -p <port> -D cn=orcladmin" -w <password> -b "cn=userB,cn=users,dc=mycompany,dc=com" -L objectclass=* userpassword
        > userpassword:: IA==

Additional Symptom:  Attempting to login to SSO gives the following error in the web browser:

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.