EM13c: Duplicate Users Creation in Enterprise Manager 13c Cloud Control Allowed when Using LDAP Integration (Doc ID 2491448.1)

Last updated on JANUARY 17, 2023

Applies to:

Enterprise Manager Base Platform - Version 13.2.0.0.0 and later
Information in this document applies to any platform.

Symptoms

Having 2 different users with a different UID (User ID) but with the exact same name (as defined in LDAP) will work, but one of the users will have the privileges and entitlements of the other.

Example:

User1
===
Name: <USERNAME1>
UID: <UID1>
Type: Administrator

User2
====
Name: <USERNAME2>
UID: <UID2>
Type: Super Administrator

Logging in as <USERNAME2> will actually show the privileges and entitlements of <USERNAME1>

LDAP attribute mapping is defined as:

emctl set property -name oracle.sysman.core.security.auth.ldapuserattributes_emuserattributes_mappings \
-value USERNAME="{%firstname% %lastname%},"\
"EXTERNALUSERID={%loginid%},EMAIL={%mail%},"\
"CONTACT={%telephone%},"\
"DESCRIPTION={%firstname% %lastname% ( UID is %loginid% )}"

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

EM13c: Duplicate Users Creation in Enterprise Manager 13c Cloud Control Allowed when Using LDAP Integration (Doc ID 2491448.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!