Win a copy of Murach's MySQL this week in the JDBC and Relational Databases forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Weblogic 10.3.5 & Windows 2003 Active Directory NO User but Groups

 
Greenhorn
Posts: 1
Oracle Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I use OBIEE 11.1.1.5, Weblogic Server 10.3.5 and Active Directory Windows 2003.
I tried to integrate our external LDAP in the Weblogic admin console. The integration worked so far but I have the problem that I only see groups but no user.
When I use a simple LDAP Browser with the same query (as in the settings in the console) I get all the needed user and groups. I have no idea why this is happening.
The strange thing is - when I use the same settings in the RPD (admin tool) I am able to use the LDAP authentication.

Our LDAP structure is OU=MyCompany where CN= all User with their names. And a special group OU=BI with CN= group names like administration and so on. We use the same structure for our Jira and Windows.
Is there something I am missing?

here is my config.xml:

<security-configuration>
<name>bifoundation_domain</name>
<realm>
<sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
<sec:name>ADLdap</sec:name>
<sec:control-flag>SUFFICIENT</sec:control-flag>
<wls:host>##########(I blanked this part out)</wls:host>
<wls:user-object-class>user</wls:user-object-class>
<wls:user-name-attribute>sAMAccountName</wls:user-name-attribute>
<wls:principal>cn=ldap-reader,cn=users,dc=company,dc=com</wls:principal>
<wls:user-base-dn>ou=MyCompany,dc=company,dc=de</wls:user-base-dn>
<wls:credential-encrypted>I removed this part </wls:credential-encrypted>
<wls:user-from-name-filter>(&(cn=%u)(objectclass=user))</wls:user-from-name-filter>
<wls:all-users-filter>objectClass=user</wls:all-users-filter>
<wls:group-base-dn>ou=BI,dc=company,dc=com</wls:group-base-dn>
<wls:all-groups-filter>objectClass=group</wls:all-groups-filter>
</sec:authentication-provider>

Thanks in advance!
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic