ldap_modify: Insufficient access

I was trying to run an ldif file that will modify certain attribute and objectclass.

I was giving the user details without quotes in ldap_modify command as shown below and it throws Insufficient access error.

[oracle@hostname bin]$ ./ldapmodify -h hostname -p 389 -D cn=orcladmin -W password -f oid_tuning.ldif
modifying entry cn=dsaconfig,cn=configsets,cn=oracle internet directory
ldap_modify: Insufficient access

When I tried with quotes as shown below, it worked like a charm!

[oracle@hostname bin]$ ./ldapmodify -h hostname -p 389 -D “cn=orcladmin” -w password -f oid_tuning.ldif
modifying entry cn=dsaconfig,cn=configsets,cn=oracle internet directory

The error looks like a user lock or access privileges issue, but the answer is quite simple. Anyhow, feel like it would be useful.

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

2 comments
glam says September 2, 2010

i guess its very straight fwd. -D takes in parameters to modify. when you put it without quotations, the “cn” is considered as a separate parameter like the “-D” to ldapmodify which is just wrong. Is rule from the shell and not an issue of ldapmodify.

cheers, Abdul

Reply
Mahendra says September 2, 2010

Alright then. Hope if others do the same mistake, it would be useful to easily troubleshoot. 🙂

Reply
Add Your Reply