Audit log show SM_STATUS "Server is Configured to Deny Anonymous Binds"

book

Article ID: 36070

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Question:

Why audit log report SM_STATUS "Server is Configured to Deny Anonymous Binds"

Answer:
The error message was return by LDAP (OID).
The reason that it return the message is because the anonymous bind disable (orclAnonymousBindsFlag=0). This is Oracle Directory setting.
When end user submit invalid password, the OID cannot bind with it and try to use the anonymous bind. However, since the anonymous bind is disabled, it return the error message to policy server.

Additional Information:
User directory is Oracle Internet Directory (OID 11.1.1.6)

orclAnonymousBindsFlag setting information
https://docs.oracle.com/cd/B28196_01/idmanage.1014/b15991/server.htm#BGBFDJII

Environment

Release: ETRSBB99000-12.52-SiteMinder-B to B
Component: