i ran into the same issue and getting the exception while creating ldap.ora with netca.
ConfigException: Could not check for the Oracle Schema: oracle.net.config.ConfigException: TNS-04411: Directory service: permission denied
caused by: oracle.net.config.DirectoryServiceException: TNS-04411: Directory service: permission denied
caused by: oracle.net.ldap.NNFLException
and according to Doc ID 1492761.1 oracle support document I double checked the ACL's, and it seems ok.
Have you solved the issue? Is there anything else to check?
Not really, but I discovered couple things to check
1) can you connect to OVD by and LDAP browser? I'm able to do that on plain text port but no to SSL one
2) do you have Anonymous bind enabled in listener configuration?
I checked your recommendations,
1) can connect OVD through Apache DS both SSL and non-SSL listener
2) Anonymous bind is enabled on both listeners and I have checked to bind anonymously and it is successful.
I'm still wondering what that could be because I checked everything on mine installation and it doesn't work. The only one thing which is weird is - in Manual they say that SSL listener should be configured with No-Auth mode. But I tried to connect to this listener as anonymous and I failed to do that.
I found one issue. You have to create an ACL in OVD to allow access to cn=subschemasubentry to public. It helped