“sgslunlListen: Bind failed (port=389), OS error=(13)” error in ldap log: Unable to bind to ldap

There are 2 nodes of OAM, OID in our production environment. When the first node services are down i.e., OAM and OID, the applications or webgate should talk to 2nd node OAM service which is already configured in OAM access servers for failover, but that is not happening.

However, the status of services OAM, OID are pretty much ALIVE. So this has put me in doubt. Bouncing OID and OAM applications did not solve the problem. So I had to stop OAM services first to check whether my LDAP is working fine. Below is the error when I executed the ldapbind command.

[oracle@host bin]$ ./ldapbind
Cannot connect to the LDAP server
[oracle@host bin]$

I got a clue here that there is some issue with OID and when I checked the ldap logs, I found the error shown below.

2011/02/14:19:05:01 * Main:0 * sgslunlListen: Bind failed (port=389), OS error=(13)
2011/02/14:19:05:01 * Main:0 * FATAL * main * Dispatcher Process unable to bind to port

Cause:

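After some research I found that this issue is because of a permission change on the files oidldapd, oidmon and oidrepld (not sure how). OS error 13 is EACCES (permission denied): binding to port 389, a privileged port below 1024, requires root, which oidldapd gets from its setuid-root bit. You can find these commands at the location $ORACLE_HOME/bin. The existing permissions are given below: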

[oracle@host bin]$ ls -ltr oidldapd
-rwxrwxrwx  1 root oinstall 2747063 Oct 12 15:21 oidldapd
[oracle@host bin]$ ls -ltr oidmon
-rwxrwxrwx  1 oracle oinstall 1695043 Dec 29 20:43 oidmon
[oracle@host bin]$ ls -ltr oidrepld
-rwxrwxrwx  1 oracle oinstall 1847833 Dec 29 20:43 oidrepld

What is the action plan?

The actual permissions for these commands should be as shown below.

oidldapd:
-rws--x--- root dba
oidmon:
-rws--x--- oracle dba
oidrepld:
-rws--x--- oracle dba 

I logged in as the root user and executed the commands below at the location $ORACLE_HOME/bin.

chmod 4710 oidldapd
chmod 4710 oidmon
chmod 4710 oidrepld

Stopped OID process as shown below.

./opmnctl stopproc process-type=OID

Searched for ldap processes using the command given below.

ps -ef | grep oidldap

Killed those processes which are ALIVE.

Stopped the oidmon process as shown below at the location $ORACLE_HOME/bin.

./oidmon connect=<oid_db> stop

Searched for oid process as shown below and killed live processes.

ps -ef | grep oid

Started the OID component now as shown below.

./opmnctl startproc process-type=OID

Then, tried ldapbind command and it worked like a charm!!!!

[oracle@host bin]$ ./ldapbind
bind successful
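
A check for the permission drift described above, as an added example that is not part of the original post: it compares each binary's mode and owner with the values listed on this page and flags world-writable files. It assumes GNU `stat` on Linux; the function names and the `OID_ROOT_OWNER` / `OID_ORA_OWNER` overrides are hypothetical, and the group is not checked.

```shell
#!/bin/sh
# Added example (not from the original post): detect mode/owner drift on the
# OID binaries. Assumes GNU stat (Linux). Expected values are the ones listed
# on this page; OID_ROOT_OWNER / OID_ORA_OWNER are hypothetical overrides.

# check_perm FILE MODE OWNER -> 0 = matches, 1 = drift, 2 = missing/unreadable
check_perm() {
    file=$1; want_mode=$2; want_owner=$3; cp_rc=0
    [ -e "$file" ] || { echo "MISSING $file"; return 2; }
    got=$(stat -c '%a %U' "$file") || return 2
    got_mode=${got% *}; got_owner=${got#* }
    if [ "$got_mode" != "$want_mode" ]; then
        echo "DRIFT   $file: mode $got_mode, expected $want_mode"; cp_rc=1
    fi
    if [ "$got_owner" != "$want_owner" ]; then
        echo "DRIFT   $file: owner $got_owner, expected $want_owner"; cp_rc=1
    fi
    # A last octal digit of 2, 3, 6 or 7 means the file is world-writable,
    # which matters most for a root-owned binary.
    case $got_mode in
        *[2367]) echo "WARN    $file is world-writable"; cp_rc=1 ;;
    esac
    [ "$cp_rc" -eq 0 ] && echo "OK      $file ($got_mode $got_owner)"
    return "$cp_rc"
}

# audit_oid_bin DIR -> 0 only if all three binaries match
audit_oid_bin() {
    bin=$1; audit_rc=0
    check_perm "$bin/oidldapd" 4710 "${OID_ROOT_OWNER:-root}"  || audit_rc=1
    check_perm "$bin/oidmon"   4710 "${OID_ORA_OWNER:-oracle}" || audit_rc=1
    check_perm "$bin/oidrepld" 4710 "${OID_ORA_OWNER:-oracle}" || audit_rc=1
    return "$audit_rc"
}

# Usage: audit_oid_bin "$ORACLE_HOME/bin"
```

Running it after a restore of the binaries or after patching shows the drift before OID fails to bind.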

Helpful notes:

Metalink Article: 1172775.1

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

3 comments
steve says July 14, 2011

Your solution solved this issue for me. This occurred after doing a restore of the binaries. I spent a lot of time trying to figure this one out.
Thank you – you’re a life-saver!

iwmi says December 14, 2011

Question, how did the permissions get changed?

Frank says May 3, 2017

Sometimes Oracle patches have the habit of changing permissions.
