So it looks like the Oracle Unified Directory 11gR2 PS3 Bundle Patch 9 has a couple issues that could have serious consequences:
1. Any users that have UTF-8 special characters in the DN become unsearchable. So if you have cn=Léon,ou=users,dc=corp,dc=com (notice the é in there with the accent mark), and run a search on it, it’ll come back with a fat 0. To find the user, you’ll either have to search for another attribute with all standard characters in it, or replace the offending characters with an *
2. OUD + OAM has a weirdness when new users try to login with a bad password. OUD can sometimes return a different error code (like password needs to be reset) when a new user is trying to bind to OUD. When OAM is issuing a login request to OUD and this is returned, the typical OAM-2 error doesn’t get returned so there’s no catch to display an error message to the end user. So they are providing a bad password, but they wind up not seeing a “bad username or password” error message and get redirected to the success url instead. Weird.
Resolution, remove BP09