You should try it as Michael suggest with 1.8.0_171 with debug enabled ( -Djavax.net.debug=all) and compare that with 1.8.0_172 also with debug enabled to see what the difference is during the handshake. You might just need to change the supported/required algorithm in java.security or if your existing certificate needs…

Check your windows services. It probably was setup to run as a service so use that to start it.

You will need to provide more details in order to help you such as the hardware each of the services runs on. Without much details, it sounds like your system was slow from the beginning, ie less than 30 seconds to login? For systems I usually work on, anything more than 3 seconds is considered slow. What I suspect is that…

[nQSError: 43126] Authentication failed: invalid user/password. is an indication that your BISystemUser is locked. If your problem is intermittent, then it means that the BISystemUser somehow gets locked (most likely someone or some process it attempting to login as that user with the wrong password consecutively). Once…

The command does not change, it will be the same. Just make sure you import all the PEM files that are part of the chain or put them all together in a single PEM file.

Keytool only understands certain type of files that it can import, namely its native DER format, or the commonly used PEM format which is a base64 encoded text file. A .p7b is not supported by keytool. You can either re-export your certificate as a .pem instead of a .p7b or use openssl to convert it as follows: openssl…

The 'last login attribute' is a common feature usually enabled via a password policy in most commonly used LDAP servers. However, the embedded LDAP that comes with weblogic does not have this feature so you will not to find this information in the log files.

You should enable SSL debugging on your server to get more details about the SSL handshake, which is probably what is failing and thus you get disconnected, ie socket closed error which in turn leads to LDAP error 52.

You need to update all your datasource configurations. Either login to the weblogic console and update each datasource from the console, or shutdown your weblogic domain and manually update the xml config files under the weblogic domain's jdbc folder.

The default authenticator in weblogic is an embedded ldap server. You are probably better off using your current ldap server rather than the embedded weblogic ldap server, but that really depends on how many users you really have. Migrating ldap users from your ldap server to the embedded ldap isn't that difficult. You…

Does the user actually exist in LDAP that weblogic is configured with?

The Oracle documentation states that you should check MOSC notes 1274953.1 and 1287479.1 (reference: https://docs.oracle.com/middleware/1221/biee/BIESC/sso.htm#BIESC6044)

Sounds like you got a 32 bit windows7 so just use OBIEE desktop 32 as that works.

You cannot use JDK 1.8 with WLS 10.3.6. Just install 10.3.6 on top of 10.3.5 and it will detect an existing older version an upgrade appropriately. The JDK upgrade will be separate as you will either need to replace your existing JDK in the same location, or update the weblogic scripts to point to the new JDK.

You might need to upgrade to 10.3.6 first and also to latest JDK 1.7.x as JSSE support in 10.3.5 only supported TLS1.0 but not higher, but modern browsers will require TLS1.1+ to allow SSL/TLS handshake.

You can use Sufficient instead of Requisite. Both are similar in this case.

Use Requisite if you have multiple authenticators and make sure you don't have any as Required

Yes indeed. Mandatory means it has to be satisfied so if that provider is not available, then all will fail.

Is the AD login provider your only provider, or do you have other authentication providers available in weblogic? What is the flag of the provider set to? If it is set to mandatory, then it has to be used for authentication, and if it is unavailable, then nobody can login. If you have multiple authentication providers, set…

What are your current ms and mx settings, ie how much heap have you allocated to each of the weblogic instances? The logs throw out of memory exceptions so you will need to increase the value you have for mx to give more memory to the JVM, but before you do that, check how much memory your server/vm has and how much of…