Unable to Create Users in E-Business Suite After Implementing SSO/OID

I recently implemented OID/SSO with E-Business Suite 11.5.10 CU2, and experienced some issues after the entire setup went smoothly. I hope this note might help others troubleshoot, as it took me a while to figure out the root cause of the problem.

Facts

1. E-Business Suite Version 11.5.10 CU2
2. 10G Version 10.1.2.2

You have done the install and everything went fine. After the bounce you see the following:

1. Login from a remote location
2. Navigate to Administrator System –> Security –> User –> create
3. Enter username and save. The error occurs.

Unable to call fnd_ldap_wrapper.create_user due to the following reason:
ORA-20001: Unable to call fnd_ldap_wrapper.create_user due to the following reason:
An unexpected error occured . Please contact System Administrator..(USER_NAME=OIDTEST)

Cause 1

This error is misleading. Make sure you use both numeric and alphanumeric characters in the “password” as that’s the policy for OID passwords by default.

Cause 2

oidsrv might be down.

Investigations

1. check if OID is up using a ldapbind command
2. check if the infra database is up and connecting: sqlplus ods/[email protected]
3. check if the oid processes from ORACLE has the correct owners, see Metalink note 361800.1, workaround A

Solution

1. $ORACLE_HOME/opmn/bin/opmnctl stopproc process-type=OID
2. ps -ef | grep oid — If there are still some oidmon and oidldapd processes, kill them.
3. ls -ltr $ORACLE_HOME/bin/oid*
4. cd $ORACLE_HOME/bin
chown root oidldapd
chdmod 0710 oidldapd
chmod u+s oidldapd
5. Move all the logs from $ORACLE_HOME/ldap/log
6. Connect via sqlplus like SYS: truncate table ods.ods_process;
7. $ORACLE_HOME/opmn/bin/opmnctl startproc process-type=OID
8. ps -ef | grep oid

Unless something else is the culprit, the above approaches will resolve this issue.

Regards,
Balraj S.