I am able to bind to OUD as an end user. My ACI configuration lets me self-bind to OUD, but when I set up an adapter in OVD I am unable to do the same through it. What configuration changes are recommended?
Here is how the self-entry read and modification ACIs for OUD are set up:
(targetattr = "userpassword || authpassword") (version 3.0; acl "Self entry read"; allow (read,compare,search) userdn = "ldap:///self";)
(targetattr = "userpassword || authpassword") (version 3.0; acl "Self entry modification"; allow (write) userdn = "ldap:///self";)
OVD Adapter setting:
<!-- OVD LDAP adapter "OUD": exposes ou=People,dc=org,dc=com from the back-end host listed under <hosts>.
     The reviewer comments in this listing are annotations only; no setting has been changed. -->
<ldap id="OUD" version="53">
<root>ou=People,dc=org,dc=com</root>
<active>true</active>
<routing>
<critical>true</critical>
<priority>50</priority>
<inclusionFilter/>
<exclusionFilter/>
<plugin/>
<retrieve/>
<store/>
<visible>Yes</visible>
<levels>-1</levels>
<!-- NOTE(review): bind is enabled in routing, so bind requests under <root> are presumably sent to this adapter;
     confirm against the routing documentation for your OVD release. -->
<bind>true</bind>
<bind-adapters/>
<views/>
<dnpattern/>
</routing>
<pluginChains xmlns="http://xmlns.oracle.com/iam/management/ovd/config/plugins">
<!-- Plugin definitions. The <default> chain further down refers to each of them by <name>. -->
<plugins>
<plugin>
<name>UserManagement</name>
<class>com.octetstring.vde.chain.plugins.usermanagement.UserManagement</class>
<initParams>
<param name="directoryType" value="oud"/>
<param name="mapObjectclass" value="container=orclContainer"/>
<param name="oamEnabled" value="false"/>
<param name="oimDateFormat" value="yyyyMMddHHmmss'z'"/>
<!-- NOTE(review): pwdMaxFailure looks like a failed-login threshold read by this plugin;
     check that 10 agrees with the lockout count in the OUD password policy. -->
<param name="pwdMaxFailure" value="10"/>
</initParams>
</plugin>
<plugin>
<name>Performance Monitor</name>
<class>com.octetstring.vde.chain.plugins.performance.MonitorPerformance</class>
<initParams/>
</plugin>
<plugin>
<!-- The name "fliter" (sic) is spelled the same way in the <default> chain below, so the two entries match. -->
<name>fliter</name>
<class>com.octetstring.vde.chain.plugins.hide.HideEntriesByFilter</class>
<initParams>
<!-- NOTE(review): entries matching hideFilter are presumably hidden from clients by this plugin.
     If the test user's departmentNumber starts with 114, check whether hiding the entry also affects
     locating it at bind time. -->
<param name="hideFilter" value="(departmentNumber=114*)"/>
</initParams>
</plugin>
</plugins>
<!-- Default chain: lists all three plugins defined above. The per-operation chains
     (add, bind, delete, get, modify, rename) are empty in this file. -->
<default>
<plugin name="UserManagement"/>
<plugin name="Performance Monitor"/>
<plugin name="fliter"/>
</default>
<add/>
<bind/>
<delete/>
<get/>
<modify/>
<rename/>
</pluginChains>
<hosts>
<!-- Single back-end host on port 1636; together with <secure>true</secure> below, the connection
     to OUD is expected to use LDAPS. -->
<host port="1636" percentage="100" readonly="false">idstoredev.idm.org.com</host>
</hosts>
<remoteBase>ou=People,dc=org,dc=com</remoteBase>
<secure>true</secure>
<failover>false</failover>
<!-- NOTE(review): with passCredentials set to Always, OVD is documented to forward the client's own
     credentials to the back end for every operation, not only for bind. OUD then evaluates its ACIs
     against the end user rather than binddn, so that user needs whatever search/read access OVD relies
     on to serve the request. Verify the exact semantics for your OVD release. -->
<passCredentials>Always</passCredentials>
<!-- NOTE(review): binddn is the proxy identity configured for this adapter. The name suggests an
     administrative account; a dedicated account holding only the rights the adapter needs limits the
     impact if this credential leaks. -->
<binddn>cn=oudadminbak</binddn>
<!-- NOTE(review): bindpass carries an {AES-CBC} prefix, i.e. it is stored encrypted, but it is still
     credential material. Redact it before sharing this file, and rotate the password if a real value
     has been published. -->
<bindpass>{AES-CBC}dfgkjnlghjd#$%^dfbSGh</bindpass>
<dnAttributeList>
<attribute>uniquemember</attribute>
<attribute>manager</attribute>
<attribute>secretary</attribute>
<attribute>owner</attribute>
</dnAttributeList>
<pageSize>0</pageSize>
<referals>false</referals>
<heartBeatInterval>60</heartBeatInterval>
<!-- NOTE(review): very large timeout (the unit is not shown here). A stalled back end could hold
     pooled connections (maxPoolSize is 10) for a long time; confirm the unit and choose a bounded value. -->
<timeout>999999</timeout>
<maxPoolSize>10</maxPoolSize>
<maxPoolWait>1000</maxPoolWait>
<maxPoolChecks>10</maxPoolChecks>
<quickFail>false</quickFail>
<escapeSlashes>true</escapeSlashes>
<kerberos>false</kerberos>
<useDNS>No</useDNS>
<ssl>
<!-- NOTE(review): SSLv3 is prohibited by RFC 7568 and TLSv1 (TLS 1.0) is deprecated by RFC 8996.
     If the OVD/JDK and OUD releases in use support newer TLS versions, list only those here; the
     accepted protocol names depend on the OVD release. The empty <cipherSuites/> presumably leaves
     cipher selection to the defaults. -->
<protocols>SSLv3,TLSv1</protocols>
<cipherSuites/>
</ssl>
<pingprotocol>tcp</pingprotocol>
<kerberosRetry>false</kerberosRetry>
</ldap>