LDAP Configuration Changed during 11.2.3.3.0 Exadata Patching (Doc ID 1642662.1)

Last updated on FEBRUARY 03, 2020

Applies to:

Linux OS - Version Oracle Linux 5.8 with Unbreakable Enterprise Kernel [2.6.39] and later
Oracle Cloud Infrastructure - Version N/A and later
Information in this document applies to any platform.
When patching to 11.2.3.3.0, the /etc/ ldap.conf and other authentication files are modified.
This change in behavior is part of a security enhancement.

The following lines are appended to your ldap.conf file.

# GEN008020
tls_checkpeer yes
# GEN008040
tls_crlcheck all

FIPS 140-2 approved hashing has also been added to the pam functionality.

Symptoms

If you have LDAP setup on your Linux node and you are not able to log in, this may be the issue.

Changes

Upgrading to 11.2.3.3.0 from 11.2.3.2.1. Everything worked fine in 11.2.3.2.1.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

LDAP Configuration Changed during 11.2.3.3.0 Exadata Patching (Doc ID 1642662.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!