Skip to Main Content
Forums

Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Implementing Oracle 11g EUS fails with result=53 "A silent authentication operation failed with resu

SuNeRaMar 11 2016 — edited Mar 16 2016

hello,

we have EUS topology running with Oracle Database 11.2.0.4.0, OUD 11.1.2.3.1 and two ODSEE 11.1.1.7.3 backend servers, OUD is running in Proxy mode as Load Balancer with EUS, and ldapsearch to OUD Proxy works perfect and I see the activities both from  OUD and ODSEE access logs, no problem here

ldapsearch -h  <OUD_HOST> -p <PROXY PORT> -D uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc -w <USER PW>  -b dc=entp,dc=tgc uid=TCAISIK cn


OUD access logs:

[11/Mar/2016:07:56:27 +0200] CONNECT conn=315 from=10.200.115.152:65453 to=10.200.115.186:1389 protocol=LDAP

[11/Mar/2016:07:56:27 +0200] BIND REQ conn=315 op=0 msgID=1 type=SIMPLE dn="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc" version=3

[11/Mar/2016:07:56:27 +0200] BIND PROXY_REQ conn=315 op=0 msgID=1 s_conn=65 s_msgid=693 dn="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc" s_credmode=use-client-identity type=simple

[11/Mar/2016:07:56:27 +0200] BIND PROXY_RES conn=315 op=0 msgID=1 result=0 s_conn=65 s_msgid=693 etime=8 s_authdn="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc"

[11/Mar/2016:07:56:27 +0200] BIND RES conn=315 op=0 msgID=1 result=0 authDN="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc" etime=0

[11/Mar/2016:07:56:27 +0200] SEARCH REQ conn=315 op=1 msgID=2 base="dc=entp,dc=tgc" scope=sub filter="(uid=TCAISIK)" attrs="cn"

[11/Mar/2016:07:56:27 +0200] SEARCH PROXY_REQ conn=315 op=1 msgID=2 s_conn=65 scope="sub" s_msgid=694 base="dc=entp,dc=tgc" s_credmode=use-client-identity filter="(uid=TCAISIK)"

[11/Mar/2016:07:56:27 +0200] SEARCH PROXY_RES conn=315 op=1 msgID=2 result=0 s_conn=65 s_msgid=694 etime=4 authzDN=uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc nentries=1

[11/Mar/2016:07:56:27 +0200] SEARCH RES conn=315 op=1 msgID=2 result=0 nentries=1 etime=0

[11/Mar/2016:07:56:27 +0200] UNBIND REQ conn=315 op=2 msgID=3

[11/Mar/2016:07:56:27 +0200] DISCONNECT conn=315 reason="Client Disconnect"

ODSEE Access log

[10/Mar/2016:18:28:44 +0200] conn=11 op=290 msgId=291 - BIND dn="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc" method=128 version=3

[10/Mar/2016:18:28:44 +0200] conn=11 op=290 msgId=291 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=tcaisik,ou=people,o=turkcell,dc=entp,dc=tgc"

[10/Mar/2016:18:28:44 +0200] conn=11 op=291 msgId=292 - SRCH base="dc=entp,dc=tgc" scope=2 filter="(uid=TCAISIK)" attrs="cn objectClass"

[11/Mar/2016:07:56:27 +0200] conn=3 op=692 msgId=693 - BIND dn="uid=TCAISIK,ou=people,o=turkcell,dc=entp,dc=tgc" method=128 version=3

[11/Mar/2016:07:56:27 +0200] conn=3 op=692 msgId=693 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=tcaisik,ou=people,o=turkcell,dc=entp,dc=tgc"

[11/Mar/2016:07:56:27 +0200] conn=3 op=693 msgId=694 - SRCH base="dc=entp,dc=tgc" scope=2 filter="(uid=TCAISIK)" attrs="cn objectClass"

OUD Proxy and users and groups locations has been configured to work with EUS using ODSM, Oracle Context selected to be used by EUS using "netca" database registered in the ldap server, please check the output below

also all proxy definitions created and defined in the database

no problem so far,

PS: name of the database is "EUS"

ldapsearch -h oudhost -p -D cn=dirmanager -w <pwd> -b  cn=oraclecontext,dc=entp,dc=tgc cn=EUS

dn: cn=EUS,cn=OracleDefaultDomain,cn=OracleDBSecurity,cn=Products,cn=OracleCon

text,dc=entp,dc=tgc

objectClass: orclGroup

objectClass: groupofuniquenames

objectClass: orclDBEnterpriseRole_10i

objectClass: orclDBEnterpriseRole

objectClass: orclprivilegegroup

objectClass: top

objectClass: orclDBEnterpriseRole_82

orcldbserverrole: cn=EUS,cn=OracleContext,dc=entp,dc=tgc,GlobalRole=GLOBAL_AQ_ USER_ROLE

uniqueMember: uid=TCAISIK,ou=People,o=Turkcell,dc=entp,dc=tgc

cn: EUS

dn: cn=EUS,cn=OracleContext,dc=entp,dc=tgc

orclVersion: 112000

orclcommonrpwdattribute: {SASL-MD5}Dejg7DJcUIhHmnoIJbg2/Q==

objectClass: orclApplicationEntity

objectClass: orclService

objectClass: orclDBServer_92

objectClass: orclDBServer

objectClass: top

orclServiceType: DB

orclSid: EUS

cn: EUS

orclOracleHome: /export/home/oracle/app/oracle/product/11.2.0/dbhome_1

orclSystemName: pergamumnew

userPassword: {SSHA}oOVPz7gs69xcG/cbCAhQ3nZAGvSnd1r1/M0ZWw==

orclNetDescString: (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=pergamumnew.turkcell.tgc)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=EUS)))

orclDBGlobalName: EUS

orclNetDescName: 000:cn=DESCRIPTION_0

but when I try to connect to DB with sqlplus command, I've got error, please check the activity from OUD Proxy access log below

and there is NO activity on OUD Backend (ODSEE) servers

has anyone experienced this problem?

any help or advice highly appreciated

thank you,

pergamumnew:/export/home/oracle> sqlplus tcaisik

SQL*Plus: Release 11.2.0.4.0 Production on Fri Mar 11 07:43:00 2016

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

Enter password:

ERROR:

ORA-01017: invalid username/password; logon denied

[11/Mar/2016:08:29:18 +0200] DISCONNECT conn=312 reason="Client Disconnect"

[11/Mar/2016:08:29:20 +0200] CONNECT conn=323 from=10.200.171.42:44803 to=10.200.115.186:1636 protocol=LDAPS

[11/Mar/2016:08:29:21 +0200] BIND REQ conn=323 op=0 msgID=1 type=SASL mechanism=DIGEST-MD5 dn="cn=eus,cn=oraclecontext,dc=entp,dc=tgc" version=3

[11/Mar/2016:08:29:21 +0200] BIND RES conn=323 op=0 msgID=1 result=14 etime=0

[11/Mar/2016:08:29:21 +0200] BIND REQ conn=323 op=1 msgID=2 type=SASL mechanism=DIGEST-MD5 dn="cn=eus,cn=oraclecontext,dc=entp,dc=tgc" version=3

[11/Mar/2016:08:29:21 +0200] BIND RES conn=323 op=1 msgID=2 result=0 authDN="cn=EUS,cn=OracleContext,dc=entp,dc=tgc" etime=0

[11/Mar/2016:08:29:21 +0200] SEARCH REQ conn=323 op=2 msgID=3 base="cn=OracleDBSecurity,cn=Products,cn=OracleContext,dc=entp,dc=tgc" scope=one filter="(&(objectclass=orcldbenterprisedomain_82)(uniqueMember=cn=EUS,cn=OracleContext,dc=entp,dc=tgc))" attrs="orclDBAuthTypes,dn"

[11/Mar/2016:08:29:21 +0200] SEARCH RES conn=323 op=2 msgID=3 result=0 nentries=1 etime=0

[11/Mar/2016:08:29:21 +0200] SEARCH REQ conn=323 op=3 msgID=4 base="cn=Common,cn=Products,cn=OracleContext,dc=entp,dc=tgc" scope=base filter="(objectclass=*)" attrs="ALL"

[11/Mar/2016:08:29:21 +0200] SEARCH RES conn=323 op=3 msgID=4 result=0 nentries=1 etime=0

[11/Mar/2016:08:29:21 +0200] SEARCH REQ conn=323 op=4 msgID=5 base="ou=People,o=Turkcell,dc=entp,dc=tgc" scope=sub filter="(uid=TCAISIK)" attrs="dn,authPassword,orclPassword,orclguid"

[11/Mar/2016:08:29:21 +0200] BIND PROXY_REQ conn=323 op=4 msgID=-1 s_conn=32 s_msgid=-1 dn="cn=EUS,cn=OracleContext,dc=entp,dc=tgc" s_credmode=use-client-identity type=simple

[11/Mar/2016:08:29:21 +0200] BIND PROXY_RES conn=323 op=4 msgID=-1 result=48 s_conn=32 s_msgid=-1 etime=1 s_authdn="cn=EUS,cn=OracleContext,dc=entp,dc=tgc"

[11/Mar/2016:08:29:21 +0200] SEARCH RES conn=323 op=4 msgID=5 result=53 message="A silent authentication operation failed with result code '48'" nentries=0 etime=0
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 13 2016
Added on Mar 11 2016
#identity-management, #oracle-unified-directory-oud-oracle-directory-server-enterprise-edition-sun-dsee
4 comments
1,361 views