Oracle® Fusion Middleware

Oracle Unified Directory Bundle Patch Readme

12c (12.2.1.3.180829)

E99224-01

October 2018

This document describes Bundle Patch 12c Release (12.2.1.3.180829) for Oracle Unified Directory.

This document requires base installation of Oracle Unified Directory 12c. It contains the following sections:

Understanding Bundle Patches

This section describes bundle patches and explains differences between bundle patches, patch set exceptions (also known as one-offs), and patch sets.

Bundle Patch

A bundle patch is an official Oracle patch for Oracle Unified Directory. In a bundle patch release string, the fifth digit indicated the bundle patch number. Effective November 2015, the version numbering format has changed. The new format replaces the numeric fifth digit of the bundle version with a release date in the form "YYMMDD" where:

  • YY is the last 2 digits of the year

  • MM is the numeric month (2 digits)

  • DD is the numeric day of the month (2 digits)

Each bundle patch includes libraries and files that have been rebuilt to implement one or more fixes. All of the fixes in a bundle patch are tested and certified to work with one another. Each bundle patch is cumulative. That is, the latest bundle patch includes all fixes in earlier bundle patches for the same release.

Patch Set Exception

In contrast to a bundle patch, a patch set exception addressed only one issue for a single component. Although each patch set exception was an official Oracle patch, it was not a complete product distribution and did not include packages for every component. A patch set exception included only the libraries and files that had been rebuilt to implement a specific fix for a specific component.

Patch Set

A patch set is a mechanism for delivering fully tested and integrated product fixes. A patch set can include new functionality. Each patch set includes the libraries and files that have been rebuilt to implement bug fixes (and new functions, if any). However, a patch set might not be a complete software distribution and might not include packages for every component on every platform. All of the fixes in a patch set are tested and certified to work with one another on the specified platforms.

Bundle Patch Requirements

This section describes the OUD bundle patch requirements for this release.

Ensure that you meet the following requirements before you apply or remove the bundle patch:

  • Verify and update the OPatch version to 13.9.4.0.0.

    1. Access and log into My Oracle Support at the following location:

      https://support.oracle.com/

    2. In the Search Knowledge Base field, enter 1587524.1. This is the ID of the document that describes Using OUI NextGen OPatch 13 for Oracle Fusion Middleware 12c.

    3. In the search results, click the link corresponding to document ID 1587524.1.

    4. In the document, click the Patch 28186730 link which will take you to the screen where you can obtain the OPatch 13.9.4.0.0.

  • Verify the OUI Inventory.

    OPatch needs access to a valid OUI inventory to apply patches. Validate the OUI inventory with the following commands:

    Unix

    $ opatch lsinventory

    Windows

    opatch.bat lsinventory

    If the command errors out, contact Oracle Support and work to validate and verify the inventory setup before proceeding.

  • Confirm the executables appear in your system PATH.

    Unix

    $ which opatch

    $ which unzip

    Windows

    where opatch.bat

    where unzip

    If the command errors out, contact Oracle Support and work to validate and verify the inventory setup before proceeding.If either of these executables do not show in the PATH, correct the problem before proceeding.

  • Create a location for storing the unzipped patch. This location will be referred to later in the document as PATCH_TOP.

Before Applying the Bundle Patch

This section describes the requirements before applying the bundle patch.

You must satisfy the following requirements before applying this bundle patch:

  1. Prepare the application server instance for patching OUDSM.

    On WebLogic, stop the Administration Server (the WebLogic domain used for OUDSM).

    Note:

    You must read about the OUDSM auto redeployment instructions in Documentation Updates before applying this bundle patch.

  2. Set ORACLE_HOME environment variable to Oracle Middleware Home Location (under which OUD is installed).

    For example:

    Unix

    $ <bash> export ORACLE_HOME="Oracle Middleware Home Location"

    Windows

    <prompt> set ORACLE_HOME="Oracle Middleware Home Location"

  3. Verify that ORACLE_HOME is set correctly by running.

    Unix
    ls $ORACLE_HOME/OPatch/opatch

    Windows

    dir %ORACLE_HOME%\OPatch\opatch.bat

Note:

See Understanding the Oracle Unified Directory Installation Directories to know about OUD installation directories.

Applying the Bundle Patch

  1. Unzip the patch zip file into the PATCH_TOP , wherePATCH_TOP is a directory path that temporarily contains the patch for installation.

    Unix

    $ unzip -d PATCH_TOP p28569189_122130_Generic.zip

    Windows

    unzip -d PATCH_TOP p28569189_122130_Generic.zip

    Note:

    On Windows, the unzip command has a limitation of 256 characters in the path name.If you encounter this, use an alternate ZIP utility such as 7-Zip to unzip the patch. For example, to unzip using 7-Zip, run the command:
    "c:\Program Files\7-Zip\7z.exe" x p28569189_122130_Generic.zip
  2. Set your current directory to the directory where the patch is located. For example:

    Unix

    $ cd PATCH_TOP/28569189

    Windows

    cd PATCH_TOP\28569189
  3. Run OPatch to apply the patch.

    Unix

    $ [ORACLE_HOME]/OPatch/opatch apply

    Windows

    [ORACLE_HOME]\OPatch\opatch.bat apply
When OPatch starts, it validates the patch and makes sure that there are no conflicts with the software already installed in the ORACLE_HOME.

  • Conflicts with a patch already applied to the ORACLE_HOME.

    In this case, stop the patch installation, and contact Oracle Support Services.

After Applying the Bundle Patch

You need to perform certain tasks after applying the bundle patch

  1. Check the Oracle Unified Directory installation has been patched. For example:
    Unix
    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds -F
    Windows
    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat -F

    Note:

    OUD patch version can be determined from the output, based on the values for Build ID, Platform Version and Label Identifier fields.
  2. Upgrade Oracle Unified Directory server instances that are associated with the ORACLE_HOME directory. For example:
    Unix
    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds --upgrade
    Windows
    [ORACLE_HOME]/<dsInstanceName>\OUD\bat\start-ds.bat --upgrade

    Note:

    The preceding step is executed to upgrade OUD instance according to the patched version of OUD in ORACLE_HOME. If start-ds is executed to start OUD instance without executing start-ds --upgrade, following message will be displayed:

    Instance needs to be upgraded. Please run the start-ds command with the option "--upgrade"

  3. Restart all the Directory Server instances using the start-ds command. For example:
    Unix
    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds
    Windows
    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat
  4. Allow the application server instance to uptake the OUDSM patch.

    Note:

    On WebLogic, start the Administration Server (the WebLogic domain used for OUDSM).

Creating the File based Access Control Log Publisher

This step is optional.You can create a File Based Access Control Log publisher for diagnosing ACI evaluation. This publisher should be disabled as soon as diagnostic is over as it impacts server performance.

Note:

Once this publisher is created, the de-installation of this patch will not be possible as the server would no longer be able to start.

To create the File Based Access Control Log publisher, a server administrator must invoke the following dsconfig command against a server instance that is already up and running: 

dsconfig create-log-publisher \
         --publisher-name "ACI logger" \
         --type file-based-access-control \
         --set enabled:true \
         --set log-file:logs/acilog \
         --hostname serverHostName --port 4444 \
         --trustAll --bindDN cn=Directory\ Manager \
         --bindPasswordFile passwordFile \
         --no-prompt

The following entry is created in the server configuration file config.ldif:

dn: cn=ACI logger,cn=Loggers,cn=config
         objectClass: ds-cfg-log-publisher
         objectClass: ds-cfg-access-control-log-publisher
         objectClass: ds-cfg-file-based-access-control-log-publisher
         objectClass: top
         ds-cfg-enabled: true
         ds-cfg-java-class: org.opends.server.loggers.accesscontrol.TextAccessControlLogPublisher
         ds-cfg-asynchronous: true
         cn: ACI logger
         ds-cfg-log-file-permissions: 640
         ds-cfg-log-file: logs/acilog

Removing the Bundle Patch

If you experience any problems after installing the bundle patch, you can remove the bundle patch.

Execute the following commands to remove the bundle patch:

  1. Set the ORACLE_HOME environment variable to Oracle Middleware Home Location (under which OUD is installed).

    Unix

    $ <bash> export ORACLE_HOME="Oracle Middleware Home Location"

    Windows

    <prompt> set ORACLE_HOME="Oracle Middleware Home Location"
  2. Verify the OUI inventory with the following commands:

    Unix

    $ [ORACLE_HOME]/OPatch/opatch lsinventory

    Windows

    [ORACLE_HOME]\OPatch\opatch.bat lsinventory
  3. Run OPatch to deinstall the patch.

    Unix

    $ [ORACLE_HOME]/OPatch/opatch rollback -id 28569189
    Windows
    [ORACLE_HOME]\OPatch\opatch.bat rollback -id 28569189
  4. In the case of a Directory Server instance created after the application of this patch, once the patch is removed, the instance buildinfo still looks like:
    $ cat [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo 12.2.1.3.180829.1808290419
  5. The instance buildinfo must be manually changed back:
    $ cp [ORACLE_HOME]/oud/config/buildinfo [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo
    For example, 
    $ cat [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo 12.2.1.3.0.1707270900
  6. After removing the bundle patch, start the OUD instance with the following command:
    Unix
    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds
    Windows
    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat

Resolved Issues

This section lists the issues resolved in 12c Release.

Resolved Issues in 12c Release (12.2.1.3.180829)

The following table lists the issues resolved in Release (12.2.1.3.180829):

Table 1-1 Issues Resolved in 12c Release (12.2.1.3.180829)

Bug Number Description

27847613

CHANGING MULTIPLE-VALUES PASSWORD POLICY WITH 2 STORAGE SCHEME FAILS

28017604

OUD PROXY NON-RETRIEVABLE ATTRIBUTES FOR OPERATIONAL ATTRIBUTES NOT WORKING

28130109

BINDING AS SECONDARY PARTICIPANT USER FAILS AGAINST FORKJOIN CONFIGURATION

27745214

OUDSM 12C - EUS INFORMATION ARE NOT DISPLAYED

27804567

OAM NOT ABLE TO AUTHENTICATE TO OUD 12C PROXY USING RDBMS

27032565

APPENDING DATA VIA IMPORT-LDIF CAUSES ACI PRIVILEGE TO BE LOST

27752576

EUS WITH DB12CR2 OUD12C PROXY AND NOVELL NOT WORKING: ORA-28274

28052332

OUD 12C FORK JOIN SECONDARY PARTICIPANT ISSUE WITH LDAPSEARCH FILTER

27030137

DIAG - AUDIT LOG TO STORE MODIFIERSNAME AND MODIFYTIMESTAMP.

21839259

LDAPSEARCHES RESULT NOT AS EXPECTED WHEN USING MEMBER IN NUMERIC FORMAT

27940182

OUD 12C STATIC/VIRTUAL STATIC GROUP MEMBERSHIP CROSS REFERENCE AMONG SUFFIXES

20033750

ODSM: REPL MANAGER: AUTO REFRESH DOESN'T TAKE INTO ACCOUNT REPL GROUP SETTING

Resolved Issues in 12c Release (12.2.1.3.180626)

Applying this bundle patch resolves the issues listed in the table.

Table 1-2 Issues Resolved in 12c Release (12.2.1.3.180626)

Bug Number Description

28074093

ONE OFF BUILD FAILED FOR PLATFORM_VERSION IN 12C APRIL BP

27689317

LDAPSEARCH WITH DYNAMICALLY LINKED USER AS UNIQUE MEMBER DOES NOT DISPLAY DESCR

27782271

HIGHLY COMPLEX SEARCH FILTERS DO NOT RETURN RESULTS AND SLOW DOWN SERVER

27822171

PATCH 27782271 WORKS ONLY UPTO 100 NESTED FILTERS

27538880

OUD APRIL'18 BP ( 27491238) ISSUE

27460616

OUD RETURNS A ROOT DSE ENTRY OF A REMOTE LDAP SERVER AS ITS OWN ROOT DSE ENTRY

27768179

ROUTINE RESTART OF OUD SERVER MAKES OUD UNRESPONSIVE

27585207

ERROR WHEN CHECKING THE COMPATIBILITY OF THE DSEE CONSUMER

27309834

REBUILD-ALL INDEXES IN BETWEEN THE DELETE AND THE PURGE RESULT TOMBSTONES ISSUE

27195037

REPLICATION INFO MISSING ON ODSM REPLICATION TOPOLOGY TAB WHEN REPLICA OFFLINE

26828546

OUD | ORCLSOURCEMODIFYTIMESTAMP ATTRIBUTE ALLOWS DUPLICATE ENTRIES

27151076

REGRESSSION OF UPDATES ON SINGLE VALUED ATTRIBUTES ARE NOT REPLICATED PROPERLY

27147081

OUD USER RESOURCE LIMITS NOT ENFORCED ON SEARCHES USING PROXY-AUTH

27116703

OUD SERVER IN DIFFERENT LOCATIONS-REMOTE HOST CLOSED CONNECTION DURING HANDSHAKE

26969822

STOP-DS SLOW WHEN REPLICATION IS ENABLED

Resolved Issues in 12c Release (12.2.1.3.180322)

The following table lists the issues resolved in Release (12.2.1.3.180322):

Table 1-3 Issues Resolved in 12c Release (12.2.1.3.180322)

Bug Number Description

27337656

OVD OBJECTCLASS MAPPER PLUGIN IN OUD

27027834

SUPPORT COMPLEX FILTER FOR TOKENIZE-ATTRIBUTE TRANSFORMATION

26616633

FMW_DIAG_IMPROVEMENT - HANDLING EMPTY CATCH BLOCKS IN WORKFLOWELEMENT

26579516

LDIF IMPORT VIA ODSM CONSOLE SHOWING INCORRECT STATUS

25556682

FMW_DIAG_IMPROVEMENT - HANDLING EMPTY CATCH BLOCKS IN REPLICATION

27337538

SAML XASP PLUGIN THROUGH OUD

26878832

ISMEMBEROF QUERY SLOW FOR COMPLEX SEARCHES INVOLVING STATIC GROUPS

27036003

ODE CORRECTION ON THE TRANSACTION OF BASE BUG 26828755

27337446

COORDINATORADAPTER THROUGH UNION WFE IN OUD

27337617

DYNAMICGROUPS PLUGIN THROUGH OUD

26557145

DEBUG WARNING LOG MESSAGE IS REQUIRED TO HELP DEBUGGING

26389404

REPLICATION EXIT WITHOUT WRITING ANY LOG IN DEBUG LOG WHEN ENTRYUUID NOT FOUND

26051378

PWDRESET FLAG DOES NOT SYNC PROPERLY BETWEEN REPLICATED OUD SERVERS

25659967

OUD DELETED REFERENCE ENTRIES ARE NOT REPLICATING TO OTHER SERVERS

24912151

REPLICATION OUT OF SYNC AT ATTRIBUTE LEVEL AFTER STRESS TEST

26651161

DPS2OUD FAILS WITH ERROR "FATAL ERROR DURING THE PROCESSING OF THE DPS CONFIG"

25543336

OUD PROXY DOESN'T RETURN AD ENTRIES WITH DUPLICATE DSCOREPROPAGATIONDATA

26397668

OUD SEARCH BEHAVIOR WITH WHITESPACE AND WILDCARD (*) IN THE SEARCH FILTER

25524876

USERCERTIFICATE;BINARY ATTRIBUTE IS NOT SHOWED RIGHT

27421407

LDAPSEARCH RESULTS IN DIFFERENT ATTRIBUTES RETURNED BY LDAPSEARCH WRT OVD

27638073

UNION LDAPSEARCH WITH SEARCHFIRSTMATCH TRUE AUTOTUNESEARCHOPTION TRUE FAILS

27621150

OBJECTCLASS MAPPER TRANSFO:FILTER-ATTRIBUTE NOT APPLIED FOR LDAPSEARCH,COMPARE

27567476

LDAPSEARCH WITH DYNAMIC GROUPS PLUGIN CHANGES CASE OF O IN OUD OVD RETAINS IT

27499608

LDAPSEARCH ISSUES WITH DYNAMIC GROUPS PLUGIN

27716604

OUD 12C APR'18 BP - DIFS OBSERVED IN DYNAMIC GROUPS PLUGIN TESTING.

27456961

LDAPSEARCH WITH ANONYMOUS ACCESS NEEDS TO DISPLAY NO ENTRY WITH SAML XASP PLUGIN

27428553

LDAPSEARCH IN OUD DOES NOT RETURN RESULTS WITHOUT OBJECTCLASS IN FILTER

27537121

LDAPSEARCH WITH FETCH-BOTH-STATIC-DYNAMIC DOES NOT WORK FOR DYNAMIC GRP PLUGIN

27622404

TOKENIZE ATTRIBUTE TRANSFORMATION - LDAPSEARCH RETURNS INVALID RESULTS

27451993

LDAPSEARCH RETURNS ALL ATTRIBUTES REGARDLESS OF ATTRIBUTE NAME IN SEARCH CRITERI

Known Issues and Workarounds

This section describes about the known issues in the current release.

Known issues and their workarounds in Oracle Unified Directory Release (12.2.1.3.180829) are described in the Oracle Unified Directory chapter of the Release Notes for Oracle Identity Management document. You can access the Release Notes document in the Oracle Identity Management Documentation library at the following URL:

https://docs.oracle.com/middleware/12213/idmsuite/IDMRN/toc.htm

For issues documented after the release of this OUD Bundle Patch Release (12.2.1.3.180829), refer to My Oracle Support Document 2378916.1 at https://support.oracle.com

For information about OPatch issues, see My Oracle Support and use the OPatch version provided with the product.

Documentation Updates

This section describes documentation updates for this release.

Note:

See REST APIs for administering Oracle Unified Directory at the following URL: https://docs.oracle.com/middleware/12213/oud/OUDRT/index.html

OUDSM Auto Redeployment Instructions

The oudsm.ear file is shipped along with every OUD bundle patch (bppatchnumber/files/oracle.idm.oud.odsm/12.2.1.3.0/oracle.idm.oud.odsm.symbol/odsm/oudsm.ear). A new oudsm.ear file is included with bundle patch for Release 12.2.1.3.180829 would be patched at the following location:

$ORACLE_HOME/oud/odsm/oudsm.ear

When you restart the Server for the first time after applying the patch, it will automatically redeploy the new oudsm.ear file. Therefore, you might experience a slower restart of the Server. You must look at the logs related to oudsm.ear file deployment.

If for any reason the oudsm.ear file deployment fails during the first restart of the Server, then you manually need to redeploy the file.

Related Documents

For more information, see the following resources:

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

Oracle Fusion Middleware Oracle Unified Directory Bundle Patch Readme, 12c (12.2.1.3.180829)

E99224-01

Copyright © 2018, 2018, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.