This document describes Bundle Patch 12.2.1.3.220329 for Oracle Unified Directory.

This document requires base installation of Oracle Unified Directory 12c (12.2.1.3.0). It includes the following sections:

1.1 Understanding Bundle Patches

This section describes bundle patches and explains differences between bundle patches, interim patches (also known as patch set exceptions), and patch sets.

1.1.1 Stack Patch Bundle

Stack patch Bundle deploys the IDM product and dependent FMW patches using a tool. For more information about these patches, see Quarterly Stack Patch Bundles (Doc ID 2657920.1) at https://support.oracle.com.

1.1.2 Bundle Patch

A bundle patch is an official Oracle patch for Oracle Unified Directory. In a bundle patch release string, the fifth digit indicated the bundle patch number. Effective November 2015, the version numbering format has changed. The new format replaces the numeric fifth digit of the bundle version with a release date in the form "YYMMDD" where:

  • YY is the last 2 digits of the year

  • MM is the numeric month (2 digits)

  • DD is the numeric day of the month (2 digits)

Each bundle patch includes libraries and files that have been rebuilt to implement one or more fixes. All of the fixes in a bundle patch are tested and certified to work with one another. Each bundle patch is cumulative. That is, the latest bundle patch includes all fixes in earlier bundle patches for the same release.

1.1.3 Interim Patch

In contrast to a bundle patch, an interim patch addressed only one issue for a single component. Although each interim patch was an official Oracle patch, it was not a complete product distribution and did not include packages for every component. An interim patch included only the libraries and files that had been rebuilt to implement a specific fix for a specific component.

You may also know an interim patch as: security one-off, exception release, x-fix, PSE, MLR, or hotfix.

1.1.4 Patch Set

A patch set is a mechanism for delivering fully tested and integrated product fixes. A patch set can include new functionality. Each patch set includes the libraries and files that have been rebuilt to implement bug fixes (and new functions, if any). However, a patch set might not be a complete software distribution and might not include packages for every component on every platform. All of the fixes in a patch set are tested and certified to work with one another on the specified platforms.

1.2 Bundle Patch Recommendation

Oracle has certified the dependent Middleware component patches for Identity Management products and recommends that Customers apply these certified patches. For more information on these patches, see the note Certification of Underlying or Shared Component Patches for Identity Management Products (Doc ID 2627261.1) at https://support.oracle.com.

1.3 Bundle Patch Requirements

Before you run OPatch, find the OPatch utility in the Oracle home (ORACLE_HOME) and verify that you have the latest version.

Complete the following steps before you apply the bundle patch:

  • Verify that the OPatch version is 13.9.4.2.7 or higher.

    1. Run opatch version to check if your Opatch version is earlier than 13.9.4.2.7. If so, download the latest 13.9.4.2.7 version.

      See Locating and Obtaining the Latest Version of OPatch in in Patching with OPatch.

    2. Access and log into My Oracle Support at the following location:

      https://support.oracle.com/

    3. In the Search Knowledge Base field, enter 2622426.1. This is the ID of the document that describes how to get the correct OPatch.

    4. In the search results, click the link corresponding to document ID 2622426.1.

    5. In the document, click the Patch 28186730 link which will take you to the screen where you can obtain the OPatch 13.9.4.2.7 or higher.

  • Verify the OUI Inventory:

    OPatch needs access to a valid OUI inventory to apply patches. Validate the OUI inventory with the following commands:

    Unix

    $ opatch lsinventory

    Windows

    opatch.bat lsinventory

    If the command throws errors than contact Oracle Support and work to validate and verify the inventory setup before proceeding.

  • Confirm the executables appear in your system PATH.

    Unix

    $ which opatch

    $ which unzip

    Windows

    where opatch.bat

    where unzip

    If the command errors out, contact Oracle Support and work to validate and verify the inventory setup before proceeding. If either of these executables do not show in the PATH, correct the problem before proceeding.

  • Create a location for storing the unzipped patch. This location will be referred to later in the document as PATCH_TOP.

1.4 Before Applying the Bundle Patch

Before you apply the bundle patch for Oracle Unified Directory 12c (12.2.1.3.0), you must set the environment variable and stop all the Directory Server instances and domains.

Note:

You must read about the OUDSM auto redeployment instructions in Documentation Updates before applying this bundle patch.

You must complete the following prerequisites for applying the bundle patch:

  1. Set ORACLE_HOME environment variable to Oracle Middleware Home Location (under which OUD is installed).

    For example:

    Unix

    $ <bash> export ORACLE_HOME="Oracle Middleware Home Location"

    Windows

    <prompt> set ORACLE_HOME="Oracle Middleware Home Location"

  2. Verify that ORACLE_HOME is set correctly by running the following command.

    Unix
    ls $ORACLE_HOME/OPatch/opatch

    Windows

    dir %ORACLE_HOME%\OPatch\opatch.bat

  3. Stop all the Directory Server instances and domains where Oracle Unified Directory Services Manager (OUDSM) is installed, depending upon the domain configuration.

    1. Stop Standalone Oracle Unified Directory Server

      If you installed Oracle Unified Directory in a Standalone Oracle Unified Directory Server (Managed independently of WebLogic server) mode, stop all the Directory Server instances using the stop-ds command.

      Unix
      ORACLE_HOME/INSTANCE_NAME/OUD/bin/stop-ds

      Windows

      ORACLE_HOME\INSTANCE_NAME\OUD\bat\stop-ds.bat

    2. Stop Collocated Oracle Unified Directory Server

      If you installed Oracle Unified Directory in a Collocated Oracle Unified Directory Server (Managed through WebLogic server) mode, complete the following steps:

      1. Stop the OUD instance by running the following command from command line interface.

        Unix

        DOMAIN_HOME/bin/stopComponent.sh INSTANCE_NAME

        Windows

        DOMAIN_HOME\bin\stopComponent.bat INSTANCE_NAME
      2. Stop the node manager.

        Unix

        DOMAIN_HOME/bin/stopNodeManager.sh

        Windows

        DOMAIN_HOME\bin\stopNodeManager.cmd
      3. Stop the Oracle WebLogic Administration Server.

        Unix

        DOMAIN_HOME/bin/stopWebLogic.sh

        Windows

        DOMAIN_HOME\bin\stopWebLogic.cmd

    3. Stop the Oracle Directory Integration Platform and OUDSM Configured in a Single Domain

      Note:

      This is optional only for configurations with DIP/OUDSM in a Single Domain.

      If you added OUDSM and Oracle Directory Integration Platform in a single domain, you must stop the Admin Server and Managed Server.

      1. Stop the Oracle Directory Integration Platform Managed Server:

        Unix
        DOMAIN_HOME/bin/stopManagedWebLogic.sh

        Windows

        DOMAIN_HOME\bin\stopManagedWebLogic.cmd

      2. Stop the Oracle WebLogic Administration Server:

        Unix
        DOMAIN_HOME/bin/stopWebLogic.sh

        Windows

        DOMAIN_HOME\bin\stopWebLogic.cmd

Note:

See Understanding the Oracle Unified Directory Installation Directories to know about OUD installation directories.

1.5 Using the Oracle Patch Mechanism (Opatch)

Use OPatch to perform the necessary steps for applying a patch to an Oracle home.

Note:

You must have the latest version of Opatch (version 13.9.4.2.7 ) from My Oracle Support. Opatch requires access to a valid Oracle Universal Installer (OUI) Inventory to apply patches.

The patching process uses both unzip and Opatch executables. After sourcing the ORACLE_HOME environment, Oracle recommends that you confirm that both of these exist before patching. Opatch is accessible at: 

$ORACLE_HOME/OPatch/opatch

When Opatch starts, it validates the patch to ensure there are no conflicts with the software already installed in your $ORACLE_HOME:

  • If you find conflicts with a patch already applied to the $ORACLE_HOME, stop the patch installation and contact Oracle Support Services.
  • If you find conflicts with a subset patch already applied to the $ORACLE_HOME, continue Bundle Patch application. The subset patch is automatically rolled back before installation of the new patch begins. The latest Bundle Patch contains all fixes from the previous Bundle Patch in $ORACLE_HOME.

This Bundle Patch is not -auto flag enabled. Without the -auto flag, no servers need to be running. The Machine Name & Listen Address can be blank on a default install.

See Also:

Patching with OPatch

Identifying the Version of OPatch Included with Oracle Unified Directory 12c

In general, there is a version of OPatch available for each version of the Oracle Universal Installer software.

To identify the version of OPatch:
  1. Change directory to the following directory:
    cd ORACLE_HOME/OPatch/
  2. Run the following command:
    ./opatch version

    For example:

    ./opatch version
OPatch Version: 13.9.4.2.7

OPatch succeeded.

1.6 Applying the Bundle Patch

Unzip the patch zip file and run OPatch to apply the patch.

To apply the bundle patch, complete the following steps:
  1. Unzip the patch zip file into the PATCH_TOP , where PATCH_TOP is a directory path that temporarily contains the patch for installation.

    Unix

    $ unzip -d PATCH_TOP p34012477_122130_Generic.zip

    Windows

    unzip -d PATCH_TOP p34012477_122130_Generic.zip

    Note:

    On Windows, the unzip command has a limitation of 256 characters in the path name. If you encounter this, use an alternate ZIP utility such as 7-Zip to unzip the patch. For example, run the following command to unzip using 7-Zip:
    "c:\Program Files\7-Zip\7z.exe" x p34012477_122130_Generic.zip
  2. Set your current directory to the directory where the patch is located. For example:

    Unix

    $ cd PATCH_TOP/34012477

    Windows

    cd PATCH_TOP\34012477
  3. Run OPatch to apply the patch.

    Unix

    $ [ORACLE_HOME]/OPatch/opatch apply

    Windows

    [ORACLE_HOME]\OPatch\opatch.bat apply
When OPatch starts, it validates the patch and makes sure that there are no conflicts with the software already installed in the ORACLE_HOME.

  • Conflicts with a patch already applied to the ORACLE_HOME.

    In this case, stop the patch installation, and contact Oracle Support Services.

  • Conflicts with subset patch already applied to the ORACLE_HOME.

    In this case, continue the install, as the new patch contains all the fixes from the existing patch in the ORACLE_HOME.

1.7 After Applying the Bundle Patch

You need to perform certain tasks after applying the bundle patch.

Perform the following steps after applying the bundle patch:
  1. Verify if the Oracle Unified Directory installation has been patched by running the start-ds command.

    For example:

    Unix

    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds -F

    Windows

    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat -F

    Note:

    OUD patch version can be determined from the output, based on the values for Build ID, Platform Version and Label Identifier fields.
  2. Upgrade Oracle Unified Directory server instances that are associated with the ORACLE_HOME directory.

    For example:

    Unix

    $ [ORACLE_HOME]/<OUD-Instance-Path>/OUD/bin/start-ds --upgrade

    Windows

    [ORACLE_HOME]/<OUD-Instance-Path>\OUD\bat\start-ds.bat --upgrade

    The preceding step is executed to upgrade OUD instance according to the patched version of OUD in ORACLE_HOME. If start-ds is executed to start OUD instance without executing start-ds --upgrade, following message will be displayed: Instance needs to be upgraded. Please run the start-ds command with the option "--upgrade"

  3. Start all the Directory Server instances depending upon the domain configuration.

    Start Standalone Oracle Unified Directory Server

    If you installed Oracle Unified Directory in a Standalone Oracle Unified Directory Server (Managed independently of WebLogic server) mode, start all the Directory Server instances using the start-ds command. For example:

    Unix

    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds

    Windows

    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat

    Start Collocated Oracle Unified Directory Server

    If you installed Oracle Unified Directory in a Collocated Oracle Unified Directory Server (Managed through WebLogic server) mode, complete the following steps:

    1. Start the Oracle WebLogic Administration Server.

      Unix

      DOMAIN_NAME/bin/startWebLogic.sh

      Windows

      DOMAIN_HOME\bin\startWebLogic.cmd
    2. Start the node manager.

      Unix

      $DOMAIN_NAME/bin/startNodeManager.sh

      Windows

      DOMAIN_HOME\bin\startNodeManager.cmd
    3. Start the OUD instance by running the following command from command line interface.

      Unix

      startComponent.sh INSTANCE_NAME

      For example:

      $DOMAIN_HOME/bin/startComponent.sh oud1

      where oud1 is the instance name/server name created using WLST

      Windows

      startComponent.bat INSTANCE_NAME

      For example:

      DOMAIN_HOME\bin\startComponent.bat oud1

      where oud1 is the instance name/server name created using WLST

  4. If you created and configured a Weblogic domain for OUDSM then you must restart the Administration Server. Allow the application server instance to redeploy the new oudsm.ear file in the patch.
  5. If you added OUDSM and Oracle Directory Integration Platform in a single domain, you must start the Admin Server and Managed Server.

    1. Start the Oracle WebLogic Administration Server.

      Unix
      DOMAIN_HOME/bin/startWebLogic.sh

      Windows

      DOMAIN_HOME\bin\startWebLogic.cmd

    2. Start the Oracle Directory Integration Platform Managed Server:

      Unix
      DOMAIN_HOME/bin/startManagedWebLogic.sh <wls_ods1> <ADMIN_SERVER_URL>

      Windows

      DOMAIN_HOME\bin\startManagedWebLogic.cmd <wls_ods1> <ADMIN_SERVER_URL>

      Where managed_server_name specifies the name of the Managed Server (The default value is wls_ods1.) and admin_url specifies the listen address (host name, IP address, or DNS name) and port number of the domain's Administration Server.

  6. You may need to update Config.ldif file to remove PIN file.
    1. The attributes ds-cfg-key-store-pin-file, ds-cfg-trust-store-pin-file, and ds-cfg-key-pin-file are not removed for an upgraded instance for backward compatibility. You will see a warning during upgrade process stating that those attributes are still populated. Use dsconfig to remove the value of the attributes after upgrade has been done successfully.
    2. If a truststore configuration entry does not have its pin attribute populated then you will see a warning during upgrade and server startup. Use dsconfig to update the pin attribute with the password of the truststore to prevent those warnings.
    3. While creating a new instance with SSL port disabled, the default configuration entry for any disabled keystore or truststore would still have attribute ds-cfg-key-store-pin-file populated. This can be ignored. Whenever you enable that keystore or trusstore then you will have to reset the pin-file attribute. You need to provide the pin of the keystore or truststore by using the pin attribute only.

1.8 Creating the File based Access Control Log Publisher

This step is optional. You can create a File Based Access Control Log publisher for diagnosing ACI evaluation. This publisher should be disabled as soon as diagnostic is over as it impacts server performance.

Note:

Once this publisher is created, the de-installation of this patch will not be possible as the server would no longer be able to start.

To create the File Based Access Control Log publisher, a server administrator must invoke the following dsconfig command against a server instance that is already up and running: 

dsconfig create-log-publisher \
         --publisher-name "ACI logger" \
         --type file-based-access-control \
         --set enabled:true \
         --set log-file:logs/acilog \
         --hostname serverHostName --port 4444 \
         --trustAll --bindDN cn=Directory\ Manager \
         --bindPasswordFile passwordFile \
         --no-prompt

The following entry is created in the config.ldif: server configuration file: 

dn: cn=ACI logger,cn=Loggers,cn=config
         objectClass: ds-cfg-log-publisher
         objectClass: ds-cfg-access-control-log-publisher
         objectClass: ds-cfg-file-based-access-control-log-publisher
         objectClass: top
         ds-cfg-enabled: true
         ds-cfg-java-class: org.opends.server.loggers.accesscontrol.TextAccessControlLogPublisher
         ds-cfg-asynchronous: true
         cn: ACI logger
         ds-cfg-log-file-permissions: 640
         ds-cfg-log-file: logs/acilog

1.9 Removing the Bundle Patch

If you experience any problems after installing the bundle patch, you can remove the bundle patch.

Note:

Before you remove the bundle patch, ensure that you shutdown Oracle Unified Directory, WebLogic Administration Server, and NodeManager. For more information, refer Before Applying the Bundle Patch.

Run the following commands to remove the bundle patch:

  1. Set the ORACLE_HOME environment variable for Oracle Middleware Home Location (Where Oracle Unified Directory is installed).

    Unix

    $ <bash> export ORACLE_HOME="Oracle Home Location"

    Windows

    <prompt> set ORACLE_HOME="Oracle Home Location"
  2. Verify the OUI inventory by running the following command:

    Unix

    $ [ORACLE_HOME]/OPatch/opatch lsinventory

    Windows

    [ORACLE_HOME]\OPatch\opatch.bat lsinventory
  3. Run OPatch to deinstall the patch:

    Unix

    $ [ORACLE_HOME]/OPatch/opatch rollback -id 34012477
    Windows
    [ORACLE_HOME]\OPatch\opatch.bat rollback -id 34012477
  4. In the case of a Directory Server instance created after the application of this patch, once the patch is removed, the instance buildinfo still looks like:
    $ cat [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo 12.2.1.3.220329.2203291213
  5. The instance buildinfo must be manually changed back:
    $ cp [ORACLE_HOME]/oud/config/buildinfo [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo
    For example, 
    $ cat [ORACLE_HOME]/<dsInstanceName>/OUD/config/buildinfo 12.2.1.3.220329.2203291213
  6. After removing the bundle patch, start the OUD instance by running the following command:
    Unix
    $ [ORACLE_HOME]/<dsInstanceName>/OUD/bin/start-ds
    Windows
    [ORACLE_HOME]\<dsInstanceName>\OUD\bat\start-ds.bat

1.10 Resolved Issues

This section lists the issues resolved in 12c Release.

1.10.1 Resolved Issues in OUD Bundle Patch 12.2.1.3.220329

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.220329:

Table 1-1 Issues Resolved in OUD Bundle Patch 12.2.1.3.220329

Bug Number Description
28311056 ADD CONFIGURABLE SEARCHCOUNTLIMIT PARAMETER IN OUD PROXY
31087872 FIX for BUG 31087872
32283362 OUD DOES NOT RESPECT SIZE LIMITS WHEN USING PROXY AUTHORIZATION
32656018 --PROPERTIESFILEPATH" IS NOT WORKING WITH OUD STATUS COMMAND
32576057 OUD 12C USER PASSWORD POLICY ATTRIBUTES NOT REMOVED FROM UNTRUSTED REPLICA
33377025 MODIFICATIONS RESULTS IN 2 PWDFAILURETIME ATTRIBUTES WHILE REPLICATION WORKS.
32577340 OUD - UPDATES TO SCHEMA NOT BEING WRITTEN OUT TO 99USER.LDIF
33276603 OUD 12.2.1.4 REPLICATION GATEWAY REPLICATING INCOMPLETE TOMBSTONES FROM ODSEE 11
33277588 CREATE-PASSWORD-VALIDATOR --TYPE CHARACTER-SET DISPLAYS AN EXTRA CHARACTER WHEN AND EXCLUED CHARACTER IS ENCOUNTERED
33517788 OUD12C: ISMEMEBEROF FILTER DOES NOT WORK AS EXPECTED
33521773 AD EXTENSION DOWN AFTER APPLYING THE LATEST OUD BP 33448950 12.2.1.4.211008

1.10.2 Resolved Issues in OUD Bundle Patch 12.2.1.3.210929

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.210929:

Table 1-2 Issues Resolved in OUD Bundle Patch 12.2.1.3.210929

Bug Number Description
32643974 OUD 12C ACI NOT EVALUATED PROPERLY W/SASL EXTERNAL AND OBJECTCLASS=GROUPOFURLS
33340220 OUD 12CPS4 OCT'21 BP - DSREPLICATION ENABLE FAILING WITH NEW LISTENADDRESS1 PARAMETER
26965203 BINARY ATTRIBUTE CANNOT BE UPDATED AND ADDED AS NEW SAME NAME ATTRIBUTE
33055228 REPLICATION NULLPOINTEREXCEPTION CAUSED BY CONFLICTS-HISTORICAL-PURGE-DELAY AND REPLICATION-PURGE-DELAY
32288501 OUD PROXY- LOAD BALANCING ALGORITHM NOT DETECTING DISABLED BACKENDS
32488611 "LOG-CONNECTION-DETAILS" ENABLED THROWS "NULLPOINTEREXCEPTION"
32440224 LAST-LOGIN-TIME FOR REPLICATED SERVERS LOCATED IN DIFFERENT TIMEZONES
32477736 REPLICATION INITIALIZE FAILS ON BASE DN CONTAINING SLASH CHAR
32690984 CERTIFICATES GET CORRUPTED THROUGH THE REPLICATION GATEWAY:ODSEE-OUD 12.2.1.4
32441706 OUD12.2.1.4.0:PASSWORD POLICY ALLOWING TO RE-USE OLD PASSWORDS STORED IN PWDHIST
32968947 OUD KERBEROS PTA /TMP FILE JAASXXXXXXXXXXXXXXXXXXX.CONF
32130922 OUD 12C FORKJOIN LDAPSEARCH FAILS WITH COMPLEX FILTER
29530047 PASSWORD VISIBLE IN ACCESS LOG OF FOR DB WORKFLOWS
32038977 OUD REPLICATION STOPPED WHILE BATCH DELETING WITH MANAGEDSAIT CONTROL
31661241 NEED TO DEFINE LISTEN-ADDRESS FOR REPLICATION SERVER

1.10.3 Resolved Issues in OUD Bundle Patch 12.2.1.3.210408

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.210408:

Table 1-3 Issues Resolved in OUD Bundle Patch 12.2.1.3.210408

Bug Number Description
32562107 ODSEE-OUD 12.2.1.4 CERTIFICATES GET CORRUPTED THROUGH THE REPLICATION GATEWAY
31851470 OUD 12C: ISMEMBER SEARCH RECEIVES STACKOVERFLOWERROR
31745920 OUD UNION PROXY SEARCHES RECEIVE A RESULT=4 WHEN PAGE-SIZE=0 FOR WFE
30513440 SUPPORT PASSWORD VALIDATORS AND GENERATORS IN SUBENTRY PASSWORD POLICY
32208265 CRYPTO MANAGER ORDERS CIPHERS ALPHABETICALLY (DIFFERENT THEN OTHER SSL HANDLERS)
32065140 REPLICATION IGNORES SCHEMA VIOLATION
31546491 CPU SPIKES AND UTILIZATION RESULTING IN TIMETHREAD ERROR
31878749 STACKING TRANSFORMATIONS MODIFIY OPERATION FAILS
31931564 OUD 12C - LOG-CONNECTION-DETAILS CONFIG INCORRECTLY SHOWING IN FILE BASED AUDIT LOGGER MENU
32019006 SUPPORTING PWDMINLENGTH IN PASSWORD POLICY AT SUBENTRY LEVEL
30666508 NPE WHEN EXECUTING LDAPSEARCH ON OUD PROXY WITH PAGESIZE SET IN LDAPSERVEREXTENSION
31666925 THE OUD-SETUP SCRIPT DOES NOT RECOGNIZE A EXABYTE FS
27028740 UNIT TEST FAILURES RELATED TO PASSWORD
26098635 CAN NOT SYNC THE USER ENTRY PASSWORD FROM OUD TO AD BY ODIP

1.10.4 Resolved Issues in OUD Bundle Patch 12.2.1.3.200827

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.200827:

Table 1-4 Issues Resolved in OUD Bundle Patch 12.2.1.3.200827

Bug Number Description
28401694 ADD OPTION FOR ADDITIONAL BINDDN, CLIENTIP, AND PROTOCOL TO LOGGERS
29359582 STATUS COMMAND DOESN'T WORK WITH OUD 19C INSTALL
30403293 CANNOT UPGRADE 11G BECAUSE OF THE "DS-CFG-FETCH-AUTHENTICATED-USER" PROPERTY
30832284 OUD 12C VIRTUAL ATTRIBUTE SUB CONTAINER PASSWORD POLICY INCONSISTENTLY APPLIED
30871004 OUD 12.2.1.4 RETURN-BIND-ERROR-MESSAGES=TRUE NOT WORKING
30963266 OUD 12C PASSWORD INVALID WHEN USING BRACE SPECIAL CHARACTER
31013245 ER OUD - S_CONN VALUES IN PROXY ACCESS LOGS SHOULD SHOW HOSTNAME OF DS SERVER
31239817 UNION WF DOES NOT SHOW OUTPUT IN DATA BROWSER TAB OF OUDSM
31246776 OUD12CPS4: COMPLEX QUERIES USING NONEXISTING GROUP MEMBERSHIP RETURN ALL USERS
31336975 UNABLE TO ADD OR MODIFY OBJECT CLASSES AND ATTRIBUTES TO OUD 12C PS4
31377876 REBUILD-INDEX DISABLES BACKEND WHEN USING MIXED DEFINED/NOTDEFINED ATTRIBUTES
31490532 OUD 12CPS4 JULY2020 BP - UPGRADE OF 12CPS3JULY'20 BP OUD DS INSTANCE TO 12CPS4JULY'20 BP IS FAILING

1.10.5 Resolved Issues in OUD Bundle Patch 12.2.1.3.200623

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.200623:

Table 1-5 Issues Resolved in OUD Bundle Patch 12.2.1.3.200623

Bug Number Description
29971908 OUD 12C - DSREPLICATION STATUS IGNORES -I ADMINUID WHEN SPECIFIED VIA CLI
30668734 UNABLE TO USE UNDERSCORES IN DNS
30012998 SETTING DEPRECATED PASSWORD STORAGE SCHEME AND ADMIN PWD RESET CLEARS PWDRESET
28467589 START-DS IN DMZ SLOW
30854158 CODE CORRECTION FOR BUG 29676093
29757041 OUD 12C: DIGEST-MD5 SASL AUTH FAILS WITH LDAP 80 IF SEARCHING JOIN VIEW CONTEXT
30651541 OUD 12C - CUSTOM PASSWORD POLICY AND VALIDATOR IGNORED ON ACCOUNT CREATION
30440259 OUD INVALID PWDGRACEUSETIME ATTRIBUTE CREATED BY EUS.
30521914 AFTER INITIALIZATION THE RGW STATUS SHOWS AS "BAD DATA SET"
30534318 Fix for Bug 30534318
27137959 DSREPLICATION PURGE-HISTORICAL COMMAND TIMES OUT
29418242 (JE 7.0.7) ENVIRONMENT MUST BE CLOSED, CAUSED BY: COM.SLEEPYCAT.JE.THREADINTERRU

1.10.6 Resolved Issues in OUD Bundle Patch 12.2.1.3.0 (ID:191219.0108)

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.0 (ID:191219.0108):

Table 1-6 Issues Resolved in 12.2.1.3.0 (ID:191219.0108)

Bug Number Description
30265103 OUD11G - BEFORE BP DS-RLIM-IDLE-TIME-LIMIT ATT. WAS IN SECS AFTER BP IS MS
22450210 GATEWAY: REPLICATION BROKEN MORE OFTEN THAN NOT
29682036 FORKJOIN WFE WITH LEFT-OUTER-JOIN DOES NOT WORK
28781040 FORKJOIN COMPLEX FILTER SPLITTED AS FILTER="(&)"
29885985 OUD ALLOWS ADDING USER INTO GROUP EVEN IF USER DOESN'T EXIST WHEN RI IS ENABLED
30386441 (JE 7.0.7) INTERRUPTEDEXCEPTION MAY CAUSE INCORRECT INTERNAL STATE
30094884 REGRESSION FOR BUG 29724794
29945677 ISMEMBEROF SUBSTRING SEARCH FILTER RETURNS NO ENTRIES
28135591 UNABLE TO SPECIFY A DENIED-CLIENT HOSTNAME THAT BEGINS WITH A NUMERIC VALUE
29661762 CUSTOM PASSWORD POLICIES REQUIRE A INDIVIDUAL "PASSWORDSTORAGESCHEME"
29848584 OUD 11G: HIGH CPU AND CAUSING LOSS OF SERVICE
29868285 OUDSM CRASHES WHEN ACCESSING CORE CONFIG, WITH LATEST BP 28569189
30645038 COUPLE OF NEWLY ADDED CORE-ENTRYCACHE TESTS FAILING IN FARM EXECUTION
30074000 Fix for Bug 30074000

1.10.7 Resolved Issues in OUD Bundle Patch 12.2.1.3.0 (ID:190522.0537)

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.0 (ID:190522.0537):

Table 1-7 Issues Resolved in OUD Bundle Patch 12.2.1.3.0 (ID:190522.0537)

Bug Number Description

29376960

OUD12C: PROXY USING FORK JOIN HAVE QUERIES WITH RESULT=32

29026772

ISSUE WITH FORCE-CHANGE-ON-ADD AFTER APPLYING BUNDLE PATCH 11.1.2.3.181016

29143490

AFTER UPGRADE FROM OUD 11G TO OUD 12C PASSWORD VALIDATOR MANGELED

27911963

ODSM ORACLEJSP ERROR: JAVA.IO.FILENOTFOUNDEXCEPTION

29320825

PASSWORD REHASH NOT WORKING AFTER APPLYING PATCH 28817042

25633930

FMW_DIAG_IMPROVEMENT - HANDLING EMPTY CATCH BLOCKS IN ADMIN, BACKEND & CORE

28650524

UNEXPECTED ERROR DURING THE INITIALIZATION OF SUFFIX

28507697

RDBMS WFE CANNOT ACCESS TABLE FROM DIFFERENT SCHEMA

28564137

ODSM IS VERY SLOW WITH A LARGE NUMBER OF BACKENDS

28636130

IMPORT-LDIF REJECTS TOMBSTONE ENTRIES WITH PARENT NO FOUND ERROR

26773404

ACI ISSUE WITH PTA KERBEROS TO AD

28433125

SIMPLE COMPLEX SEARCH FILTER USING ISMEMBEROF INCORRECTLY RETURNS NO ENTRIES

27266700

USERCERTIFICATE ATTRIBUTE DISPLAYED AS BINARY IN ODSM

27601364

ACCOUNT STATUS NOTIFICATION ARE NOT LOGGED IN ERROR FILE

1.10.8 Resolved Issues in OUD Bundle Patch 12.2.1.3.0 (ID:180829.0419)

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180829.0419):

Table 1-8 Issues Resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180829.0419)

Bug Number Description

27847613

CHANGING MULTIPLE-VALUES PASSWORD POLICY WITH 2 STORAGE SCHEME FAILS

28017604

OUD PROXY NON-RETRIEVABLE ATTRIBUTES FOR OPERATIONAL ATTRIBUTES NOT WORKING

28130109

BINDING AS SECONDARY PARTICIPANT USER FAILS AGAINST FORKJOIN CONFIGURATION

27745214

OUDSM 12C - EUS INFORMATION ARE NOT DISPLAYED

27804567

OAM NOT ABLE TO AUTHENTICATE TO OUD 12C PROXY USING RDBMS

27032565

APPENDING DATA VIA IMPORT-LDIF CAUSES ACI PRIVILEGE TO BE LOST

27752576

EUS WITH DB12CR2 OUD12C PROXY AND NOVELL NOT WORKING: ORA-28274

28052332

OUD 12C FORK JOIN SECONDARY PARTICIPANT ISSUE WITH LDAPSEARCH FILTER

27030137

DIAG - AUDIT LOG TO STORE MODIFIERSNAME AND MODIFYTIMESTAMP.

21839259

LDAPSEARCHES RESULT NOT AS EXPECTED WHEN USING MEMBER IN NUMERIC FORMAT

27940182

OUD 12C STATIC/VIRTUAL STATIC GROUP MEMBERSHIP CROSS REFERENCE AMONG SUFFIXES

20033750

ODSM: REPL MANAGER: AUTO REFRESH DOESN'T TAKE INTO ACCOUNT REPL GROUP SETTING

1.10.9 Resolved Issues in OUD Bundle Patch 12.2.1.3.0 (ID:180626.0326)

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180626.0326)

Table 1-9 Issues Resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180626.0326)

Bug Number Description

28074093

ONE OFF BUILD FAILED FOR PLATFORM_VERSION IN 12C APRIL BP

27689317

LDAPSEARCH WITH DYNAMICALLY LINKED USER AS UNIQUE MEMBER DOES NOT DISPLAY DESCR

27782271

HIGHLY COMPLEX SEARCH FILTERS DO NOT RETURN RESULTS AND SLOW DOWN SERVER

27822171

PATCH 27782271 WORKS ONLY UPTO 100 NESTED FILTERS

27538880

OUD APRIL'18 BP ( 27491238) ISSUE

27460616

OUD RETURNS A ROOT DSE ENTRY OF A REMOTE LDAP SERVER AS ITS OWN ROOT DSE ENTRY

27768179

ROUTINE RESTART OF OUD SERVER MAKES OUD UNRESPONSIVE

27585207

ERROR WHEN CHECKING THE COMPATIBILITY OF THE DSEE CONSUMER

27309834

REBUILD-ALL INDEXES IN BETWEEN THE DELETE AND THE PURGE RESULT TOMBSTONES ISSUE

27195037

REPLICATION INFO MISSING ON ODSM REPLICATION TOPOLOGY TAB WHEN REPLICA OFFLINE

26828546

OUD | ORCLSOURCEMODIFYTIMESTAMP ATTRIBUTE ALLOWS DUPLICATE ENTRIES

27151076

REGRESSSION OF UPDATES ON SINGLE VALUED ATTRIBUTES ARE NOT REPLICATED PROPERLY

27147081

OUD USER RESOURCE LIMITS NOT ENFORCED ON SEARCHES USING PROXY-AUTH

27116703

OUD SERVER IN DIFFERENT LOCATIONS-REMOTE HOST CLOSED CONNECTION DURING HANDSHAKE

26969822

STOP-DS SLOW WHEN REPLICATION IS ENABLED

1.10.10 Resolved Issues in OUD Bundle Patch 12.2.1.3.0 (ID:180322.2306)

The following table lists the issues resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180322.2306):

Table 1-10 Issues Resolved in OUD Bundle Patch 12.2.1.3.0 (ID:180322.2306)

Bug Number Description

27337656

OVD OBJECTCLASS MAPPER PLUGIN IN OUD

27027834

SUPPORT COMPLEX FILTER FOR TOKENIZE-ATTRIBUTE TRANSFORMATION

26616633

FMW_DIAG_IMPROVEMENT - HANDLING EMPTY CATCH BLOCKS IN WORKFLOWELEMENT

26579516

LDIF IMPORT VIA ODSM CONSOLE SHOWING INCORRECT STATUS

25556682

FMW_DIAG_IMPROVEMENT - HANDLING EMPTY CATCH BLOCKS IN REPLICATION

27337538

SAML XASP PLUGIN THROUGH OUD

26878832

ISMEMBEROF QUERY SLOW FOR COMPLEX SEARCHES INVOLVING STATIC GROUPS

27036003

ODE CORRECTION ON THE TRANSACTION OF BASE BUG 26828755

27337446

COORDINATORADAPTER THROUGH UNION WFE IN OUD

27337617

DYNAMICGROUPS PLUGIN THROUGH OUD

26557145

DEBUG WARNING LOG MESSAGE IS REQUIRED TO HELP DEBUGGING

26389404

REPLICATION EXIT WITHOUT WRITING ANY LOG IN DEBUG LOG WHEN ENTRYUUID NOT FOUND

26051378

PWDRESET FLAG DOES NOT SYNC PROPERLY BETWEEN REPLICATED OUD SERVERS

25659967

OUD DELETED REFERENCE ENTRIES ARE NOT REPLICATING TO OTHER SERVERS

24912151

REPLICATION OUT OF SYNC AT ATTRIBUTE LEVEL AFTER STRESS TEST

26651161

DPS2OUD FAILS WITH ERROR "FATAL ERROR DURING THE PROCESSING OF THE DPS CONFIG"

25543336

OUD PROXY DOESN'T RETURN AD ENTRIES WITH DUPLICATE DSCOREPROPAGATIONDATA

26397668

OUD SEARCH BEHAVIOR WITH WHITESPACE AND WILDCARD (*) IN THE SEARCH FILTER

25524876

USERCERTIFICATE;BINARY ATTRIBUTE IS NOT SHOWED RIGHT

27421407

LDAPSEARCH RESULTS IN DIFFERENT ATTRIBUTES RETURNED BY LDAPSEARCH WRT OVD

27638073

UNION LDAPSEARCH WITH SEARCHFIRSTMATCH TRUE AUTOTUNESEARCHOPTION TRUE FAILS

27621150

OBJECTCLASS MAPPER TRANSFO:FILTER-ATTRIBUTE NOT APPLIED FOR LDAPSEARCH,COMPARE

27567476

LDAPSEARCH WITH DYNAMIC GROUPS PLUGIN CHANGES CASE OF O IN OUD OVD RETAINS IT

27499608

LDAPSEARCH ISSUES WITH DYNAMIC GROUPS PLUGIN

27716604

OUD 12C APR'18 BP - DIFS OBSERVED IN DYNAMIC GROUPS PLUGIN TESTING.

27456961

LDAPSEARCH WITH ANONYMOUS ACCESS NEEDS TO DISPLAY NO ENTRY WITH SAML XASP PLUGIN

27428553

LDAPSEARCH IN OUD DOES NOT RETURN RESULTS WITHOUT OBJECTCLASS IN FILTER

27537121

LDAPSEARCH WITH FETCH-BOTH-STATIC-DYNAMIC DOES NOT WORK FOR DYNAMIC GRP PLUGIN

27622404

TOKENIZE ATTRIBUTE TRANSFORMATION - LDAPSEARCH RETURNS INVALID RESULTS

27451993

LDAPSEARCH RETURNS ALL ATTRIBUTES REGARDLESS OF ATTRIBUTE NAME IN SEARCH CRITERI

1.11 Known Issues and Workarounds

For known issues and workarounds, log in to My Oracle Support, and then search for 2568304.1, which is the ID of the document, Oracle Fusion Middleware 12.2.1.3.0 Known Issues.

For information about OPatch issues, log in to My Oracle Support and use the OPatch version provided with the product.

1.12 Documentation Updates

This section describes documentation updates for this release.

Note:

Refer Admin REST APIs for Oracle Unified Directory.

OUDSM Auto Redeployment Instructions

The oudsm.ear file is shipped along with the OUD bundle patch. 
(bppatchnumber/files/oracle.idm.oud.odsm/12.2.1.3.0/oracle.idm.oud.odsm.symbol/odsm/oudsm.ear)
A new oudsm.ear file is included with OUD Bundle Patch 12.2.1.3.220329 would be patched at the following location: 
$ORACLE_HOME/oud/odsm/oudsm.ear

When you restart the Server for the first time after applying the patch, it will automatically redeploy the new oudsm.ear file. Therefore, you might experience a slower restart of the Server. You must look at the logs related to oudsm.ear file deployment.

If for any reason the oudsm.ear file deployment fails during the first restart of the Server, then you manually need to redeploy the file.

1.13 Related Documents

For more information, see the following resources:

1.14 Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.