OUD: Search result: Insufficient access(50), The request control with Object Identifier (OID) “1.2.840.113556.1.4.319” cannot be used due to insufficient access rights

While working on my recent OUD implementation, I got below error:

Search result: Insufficient access(50), The request control with Object Identifier (OID) "1.2.840.113556.1.4.319" cannot be used due to insufficient access rights

This is an ACI issue. To resolve this, change the ACIs on control 1.2.840.113556.1.4.319 from ldap://all to ldap://anyone

a) Go to OUD config file OUD_INSTANCE/config/config.ldif file

b) Locate line: 

ds-cfg-global-aci: (targetcontrol="1.3.6.1.1.12 || 1.3.6.1.1.13.1 || 1.3.6.1.1.13.2 || 1.2.840.113556.1.4.319 || 1.2.826.0.1.3344810.2.3 || 2.16.840.1.113730.3.4.18 || 2.16.840.1.113730.3.4.9 || 1.2.840.113556.1.4.473 || 1.3.6.1.4.1.42.2.27.9.5.9") (version 3.0; acl "Authenticated users control access"; allow(read) userdn="ldap:///all";) 

c) Change it to

ds-cfg-global-aci: (targetcontrol="1.3.6.1.1.12 || 1.3.6.1.1.13.1 || 1.3.6.1.1.13.2 || 1.2.840.113556.1.4.319 || 1.2.826.0.1.3344810.2.3 || 2.16.840.1.113730.3.4.18 || 2.16.840.1.113730.3.4.9 || 1.2.840.113556.1.4.473 || 1.3.6.1.4.1.42.2.27.9.5.9") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";) 

d) Restart OUD instance now and test the issue.

Hope it helps.

Related Posts:

• OUD: Creating a new suffix to be created in different DB: manage-suffix
• Coexistence topology: Installing OUD (Oracle Unified Directory) as a Replication Gateway for ODSEE (Oracle Directory Server Enterprise Edition)
• Oracle Unified Directory Administration: OUD: Start and Stop Servers
• Oracle Unified Directory Architecture: OUD: Network Groups: Workflows: Workflow Items
• Oracle Unified Directory: OUD: ODSM Installation: 11gR2PS3