Oracle DBMS_LDAP_UTL
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Oracle EXtension utility functions that can be used for authentication or querying information on users, groups or subscribers in the LDAP server ... which begs the question ... why is this package is compiled with DEFINER rights and has EXECUTE granted to PUBLIC.

Functionality in this package should be called after a success execution of DBMS_LDAP.INIT.
AUTHID DEFINER
Constants
Name Data Type Value
 Authentication Types
AUTH_SIMPLE NUMBER 0
AUTH_EXTENDED NUMBER 1
 Deprecated
AUTH_PASSWD_CHANGE_WARN NUMBER -15
RESET_HANDLE NUMBER -18
SUBSCRIBER_NOT_FOUND NUMBER -19
USER_PROPERTY_NOT_FOUND NUMBER -28
PROPERTY_NOT_FOUND NUMBER -30
 Error Codes
SUCCESS NUMBER 0
GENERAL_ERROR NUMBER -1
PARAM_ERROR NUMBER -2
NO_GROUP_MEMBERSHIP NUMBER -3
NO_SUCH_SUBSCRIBER NUMBER -4
NO_SUCH_USER NUMBER -5
NO_ROOT_ORCL_CTX NUMBER -6
MULTIPLE_SUBSCRIBER_ENTRIES NUMBER -7
INVALID_ROOT_ORCL_CTX NUMBER -8
NO_SUBSCRIBER_ORCL_CTX NUMBER -9
INVALID_SUBSCRIBER_ORCL_CTX NUMBER -10
MULTIPLE_USER_ENTRIES NUMBER -11
NO_SUCH_GROUP NUMBER -12
MULTIPLE_GROUP_ENTRIES NUMBER -13
AUTH_FAILURE_EXCEPTION NUMBER -16
 Handle Types
SUBSCRIBER_HANDLE NUMBER 1
USER_HANDLE NUMBER 2
GROUP_HANDLE NUMBER 3
APP_HANDLE NUMBER 4
ORCLCTX_HANDLE NUMBER 5
SERVICE_HANDLE NUMBER 6
 Hint Types
TYPE_NICKNAME NUMBER 1
TYPE_GUID NUMBER 2
TYPE_DN NUMBER 3
TYPE_DEFAULT NUMBER 4
 Internal Error
ERR_INTERNAL NUMBER -38
 Memory Allocation
ERR_MEM_ALLOC NUMBER -37
 Nested Levels
NESTED_MEMBERSHIP NUMBER 0
DIRECT_MEMBERSHIP NUMBER 1
 Server Error Codes
PWD_EXPIRED_EXCEPTION NUMBER 9000
ACCT_TOTALLY_LOCKED_EXCEPTION NUMBER 9001
PWD_EXPIRE_WARN NUMBER 9002
PWD_MINLENGTH_ERROR NUMBER 9003
PWD_NUMERIC_ERROR NUMBER 9004
PWD_NULL_ERROR NUMBER 9005
PWD_INHISTORY_ERROR NUMBER 9006
PWD_ILLEGALVALUE_ERROR NUMBER 9007
PWD_GRACELOGIN_WARN NUMBER 9008
PWD_MUSTCHANGE_ERROR NUMBER 9009
USER_ACCT_DISABLED_ERROR NUMBER 9050
 Service Entity Errors
NO_SUCH_SERVICE NUMBER -31
NO_USER_SUBSCRIPTIONS NUMBER -32
NO_SUBSCRIPTIONS_TO_SERVICES NUMBER -33
NO_SERVICES_INSTALLED NUMBER -34
USER_NOT_SUBSCRIBED NUMBER -35
INVALID_SERVICE_SCHEMA NUMBER -36
 Type of User Properties
ENTRY_PROPERTIES NUMBER 0
DETACHED_PROPERTIES NUMBER 1
COMMON_PROPERTIES NUMBER 2
NICKNAME_PROPERTY NUMBER 3
EXTPROPTYPE_RAD NUMBER 4
DEFAULT_RAD_PROPERTIES NUMBER 5
IDENTIFICATION_PROPERTIES NUMBER 6
ADD_PROPERTY NUMBER 0
REPLACE_PROPERTY NUMBER 1
DELETE_PROPERTY NUMBER 2
ADD_PROPERTY_SET NUMBER 0
MODIFY_PROPERTY_SET NUMBER 1
DELETE_PROPERTY_SET NUMBER 2
 Version
INTERFACE_VERSION VARCHAR2(256) '2'
VERSION VARCHAR2(256) '2'
Data Types -- this data structure holds a pointer to Handle.
SUBTYPE handle IS RAW(32);

-- this data structure holds a pointer to List of Properties.
SUBTYPE property_set IS RAW(32);

-- this data structure holds a pointer to List of Properties.
SUBTYPE mod_property_set IS RAW(32);

-- this data structure holds a pointer to List of Property sets.
TYPE property_set_collection is TABLE of property_set
INDEX BY BINARY_INTEGER;

-- String collection.
SUBTYPE string_collection IS dbms_ldap_string_collection;

-- Binval collection.
SUBTYPE binval_collection IS dbms_ldap.binval_collection;

-- BLOB collection.
SUBTYPE blob_collection IS dbms_ldap.blog_collection;

-- Session.
SUBTYPE session IS dbms_ldap.session;
Dependencies
DBMS_LDAP DBMS_LDAP_API_FFI PLITBLM
Documented Yes: Packages and Types Reference
First Available 2001
Security Model Owned by SYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/dbmsldap.sql
{ORACLE_HOME}/rdbms/admin/prvtldap.plb
Subprograms
AUTHENTICATE_USER GET_AVAILABLE_SERVICES GET_USER_DN
AUTHENTICATE_USER_EXT GET_GROUP_DN GET_USER_EXTENDED_PROPERTIES
CHECK_GROUP_MEMBERSHIP GET_GROUP_MEMBERSHIP GET_USER_PROPERTIES
CHECK_INTERFACE_VERSION GET_GROUP_PROPERTIES GET_USER_PROPS_AND_AUTH
CHECK_USER_SUBSCRIPTION GET_PROPERTY_NAMES LOCATE_SUBSCRIBER_FOR_USER
CREATE_GROUP_HANDLE GET_PROPERTY_VALUES NORMALIZE_DN_WITH_CASE
CREATE_MOD_PROPERTYSET GET_PROPERTY_VALUES_BLOB POPULATE_MOD_PROPERTYSET
CREATE_SERVICE_HANDLE GET_PROPERTY_VALUES_LEN PROPERTY_VALUE_FREE_BLOB
CREATE_SUBSCRIBER_HANDLE GET_SUBSCRIBED_SERVICES SET_GROUP_HANDLE_PROPERTIES
CREATE_USER_HANDLE GET_SUBSCRIBED_USERS SET_USER_HANDLE_PROPERTIES
FREE_HANDLE GET_SUBSCRIBER_DN SET_USER_PROPERTIES
FREE_MOD_PROPERTYSET GET_SUBSCRIBER_EXT_PROPERTIES SUBSCRIBE_USER
FREE_PROPERTYSET_COLLECTION GET_SUBSCRIBER_PROPERTIES UNSUBSCRIBE_USER
 
AUTHENTICATE_USER
Authenticates the user against Oracle Internet Directory dbms_ldap_utl.authenticate_user(
ld                 IN session,
user_handle        IN handle,
auth_type          IN PLS_INTEGER,
credentials        IN VARCHAR2,
binary_credentials IN RAW)
RETURN PLS_INTEGER;
TBD
 
AUTHENTICATE_USER_EXT
Authenticates the user against Oracle Internet Directory dbms_ldap_utl.authenticate_user_ext(
ld            IN session,
user_handle   IN handle,
auth_type     IN PLS_INTEGER,
password_attr IN VARCHAR2,
password      IN VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
CHECK_GROUP_MEMBERSHIP
Checks whether a user is a member of a specific group dbms_ldap_utl.check_group_membership(
ld           IN session,
user_handle  IN handle,
group_handle IN handle,
nested       IN PLS_INTEGER)
RETURN PLS_INTEGER;
TBD
 
CHECK_INTERFACE_VERSION
Returns the interface version dbms_ldap_utl.check_interface_version(interface_version IN VARCHAR2) RETURN PLS_INTEGER;
TBD
 
CHECK_USER_SUBSCRIPTION
Checks to determine if a user is subscribed to a service dbms_ldap_utl.check_user_subscription(
ld             IN session,
user_handle    IN handle,
service_handle IN handle)
RETURN PLS_INTEGER;
TBD
 
CREATE_GROUP_HANDLE
Generates a new group handle dbms_ldap_utl.create_group_handle(
group_hd   OUT handle,
group_type IN  PLS_INTEGER,
group_id   IN  VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
CREATE_MOD_PROPERTYSET
Creates a MOD_PROPERTY_SET data structure dbms_ldap_utl.create_mod_propertyset(
pset_type IN  PLS_INTEGER,
pset_name IN  VARCHAR2,
mod_pset  OUT mod_property_set)
RETURN PLS_INTEGER;
TBD
 
CREATE_SERVICE_HANDLE
Generates a service handle dbms_ldap_utl.create_service_handle(
service_handle OUT handle,
service_type   IN  PLS_INTEGER,
service_id     IN  VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
CREATE_SUBSCRIBER_HANDLE
Generates a new subscriber handle dbms_ldap_utl.create_subscriber_handle(
subscriber_hd   OUT handle,
subscriber_type IN  PLS_INTEGER,
subscriber_id   IN  VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
CREATE_USER_HANDLE
Generates a new a user handle dbms_ldap_utl.create_user_handle(
user_hd   OUT handle,
user_type IN  PLS_INTEGER,
user_id   IN  VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
FREE_HANDLE
Frees memory associated with a handle dbms_ldap_utl.handle IN OUT handle);
TBD
 
FREE_MOD_PROPERTYSET
Frees memory associated with a  MOD_PROPERTY_SET data structure dbms_ldap_utl.free_mod_propertyset(mod_pset IN OUT mod_property_set);
TBD
 
FREE_PROPERTYSET_COLLECTION
Frees memory associated with a property set collection dbms_ldap_utl.free_propertyset_collection(
pset_collection IN OUT property_set_collection);
TBD
 
GET_AVAILABLE_SERVICES
Retrieves all the Distinguished Names of services under a subscriber dbms_ldap_utl.get_available_services(
ld                IN  session,
subscriber_handle IN  handle,
services          OUT string_collection)
RETURN PLS_INTEGER;
TBD
 
GET_GROUP_DN
Returns the group DN dbms_ldap_utl.get_group_dn(
ld           IN  session,
group_handle IN  handle,
dn           OUT VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
GET_GROUP_MEMBERSHIP
Returns the list of groups of which the user is a member dbms_ldap_utl.get_group_membership(
ld          IN  session,
user_handle IN  handle,
nested      IN  PLS_INTEGER,
attr_list   IN  string_collection,
ret_groups  OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_GROUP_PROPERTIES
Returns group properties dbms_ldap_utl.get_group_properties(
ld            IN  session,
group_handle  IN  handle,
attrs         IN  string_collection,
ptype         IN  PLS_INTEGER,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_PROPERTY_NAMES
Retrieves the list of property names associated with a propertyset dbms_ldap_utl.get_property_names(
pset           IN  property_set,
property_names OUT string_collection)
RETURN PLS_INTEGER;
TBD
 
GET_PROPERTY_VALUES
Retrieves the property values(strings) for a given property name and property dbms_ldap_utl.get_property_values(
pset            IN  property_set,
property_name   IN  VARCHAR2,
property_values OUT string_collection)
RETURN PLS_INTEGER;
TBD
 
GET_PROPERTY_VALUES_BLOB
Retrieves the binary property values for a given property name and property dbms_ldap_utl.get_property_values_blob(
pset            IN  property_set,
property_name   IN  VARCHAR2,
property_values OUT blob_collection)
RETURN PLS_INTEGER;
TBD
 
GET_PROPERTY_VALUES_LEN
Retrieves the binary property values for a given property name and property dbms_ldap_utl.get_property_values_len(
pset            IN  property_set,
property_name   IN  VARCHAR2,
property_values OUT binval_collection)
RETURN PLS_INTEGER;
TBD
 
GET_SUBSCRIBED_SERVICES
Retrieves all the services to which a user is subscribed dbms_ldap_utl.get_subscribed_services(
ld          IN  session,
user_handle IN  handle,
services    OUT string_collection)
RETURN PLS_INTEGER;
TBD
 
GET_SUBSCRIBED_USERS
Retrieves all the users subscribed to a service dbms_ldap_utl.get_subscribed_users(
ld             IN  session,
service_handle IN  handle,
users          OUT string_collection)
RETURN PLS_INTEGER;
TBD
 
GET_SUBSCRIBER_DN
Returns the subscriber DN dbms_ldap_utl.get_subscriber_dn(
ld                IN  session,
subscriber_handle IN  handle,
dn                OUT VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
GET_SUBSCRIBER_EXT_PROPERTIES
Retrieves the subsciber extended properties for the given subscriber handle dbms_ldap_utl.get_subscriber_ext_properties(
ld                IN  session,
subscriber_handle IN  handle,
attrs             IN  string_collection,
ptype             IN  PLS_INTEGER,
filter            IN  VARCHAR2,
ret_pset_coll     OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_SUBSCRIBER_PROPERTIES
Retrieves the subscriber properties for the given subscriber handle dbms_ldap_utl.get_subscriber_properties(
ld                IN  session,
subscriber_handle IN  handle,
attrs             IN  string_colleciton,
ptype             IN  PLS_INTEGER,
ret_pset_coll     OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_USER_DN
Returns the user DN dbms_ldap_utl.get_user_dn(
ld          IN  session,
user_handle IN  handle,
dn          OUT VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
GET_USER_EXTENDED_PROPERTIES
Retrives user extended Properties dbms_ldap_utl.get_user_extended_properties(
ld            IN  session,
user_handle   IN  handle,
attrs         IN  string_collection,
ptype         IN  PLS_INTEGER,
filter        IN  VARCHAR2,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_USER_PROPERTIES
Retrieves the user properties dbms_ldap_utl.get_user_properties(
ld            IN  session,
user_handle   IN  handle,
attrs         IN  string_collection,
ptype         IN  PLS_INTEGER,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
GET_USER_PROPS_AND_AUTH
Authenticates the user against Oracle Internet Directory dbms_ldap_utl.get_user_props_and_auth(
ld                 IN  session,
user_handle        IN  handle,
auth_type          IN  PLS_INTEGER,
attrs              IN  string_collection,
credentials        IN  VARCHAR2,
binary_credentials IN  RAW,
ret_pset_coll      OUT property_set_collection)
RETURN PLS_INTEGER;
TBD
 
LOCATE_SUBSCRIBER_FOR_USER
Retrieves the subscriber for the given user and returns a handle dbms_ldap_utl.locate_subscriber_for_user(
ld                IN  session,
user_handle       IN  handle,
subscriber_handle OUT handle)
RETURN PLS_INTEGER;
TBD
 
NORMALIZE_DN_WITH_CASE
Normalizes the given DN dbms_ldap_utl.normalize_dn_with_case(
dn         IN  VARCHAR2,
lower_case IN  PLS_INTEGER,
norm_dn    OUT VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
POPULATE_MOD_PROPERTYSET
Populates a MOD_PROPERTY_SET data structure dbms_ldap_utl.populate_mod_propertyset(
mod_pset        IN mod_property_set,
property_mod_op IN PLS_INTEGER,
property_name   IN VARCHAR2,
property_values IN string_collection)
RETURN PLS_INTEGER;
TBD
 
PROPERTY_VALUE_FREE_BLOB
Frees the property value memory dbms_ldap_utl.property_value_free_blob(vals IN OUT blob_collection);
TBD
 
SET_GROUP_HANDLE_PROPERTIES
Configures group handle properties dbms_ldap_utl.set_group_handle_properties(
group_hd      IN handle,
property_type IN PLS_INTEGER,
property      IN handle)
RETURN PLS_INTEGER;
TBD
 
SET_USER_HANDLE_PROPERTIES
Configures the user handle properties dbms_ldap_utl.set_user_handle_properties(
user_hd       IN handle,
property_type IN PLS_INTEGER,
property      IN handle)
RETURN PLS_INTEGER;
TBD
 
SET_USER_PROPERTIES
Modifies a user's properties dbms_ldap_utl.set_user_properties(
ld          IN session,
user_handle IN handle,
pset_type   IN PLS_INTEGER,
mod_pset    IN property_set,
mod_op      IN PLS_INTEGER)
RETURN PLS_INTEGER;
TBD
 
SUBSCRIBE_USER
Subscribes a user to a service dbms_ldap_utl.subscribe_user(
ld             IN session,
user_handle    IN handle,
service_handle IN handle)
RETURN PLS_INTEGER;
TBD
 
UNSUBSCRIBE_USER
Unsubscribes a user from a service dbms_ldap_utl.unsubscribe_user(
ld             IN session,
user_handle    IN handle,
service_handle IN handle)
RETURN PLS_INTEGER;
TBD

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_LDAP
DBMS_LDAP_api_ffi
What's New In 19c
What's New In 20c-21c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2022 Daniel A. Morgan All Rights Reserved
  DBSecWorx