Creation of External Role Fails with External role not found in External Identitiy store (LDAP) (Doc ID 2995598.1)

Last updated on JANUARY 10, 2024

Applies to:

Symptoms

 Unable to create an External Role and getting error as Ensure the role exists in LDAP Store

==> emoms.trc <==
2023-12-15 11:53:32,745 [EMUI_11_53_32_/console/admin/rep/rolePrivsSystem$roleName=$operation=add$updateResult=updateSucceeded] WARN rep.RolePrivsData getRoleData.1149 - errMsg=Role PDC_USR_G_ORAP_PSO_O_DP not found in the external identity store (LDAP). Ensure the role exists in LDAP store.
2023-12-15 11:53:32,745 [EMUI_11_53_32_/console/admin/rep/rolePrivsSystem$roleName=$operation=add$updateResult=updateSucceeded] WARN rep.RolePrivsData getRoleData.1149 - errMsg=Role PDC_USR_G_ORAP_PSO_O_DP not found in the external identity store (LDAP). Ensure the role exists in LDAP store.

==> emoms.log <==

==> emoms.trc <==

==> emoms.log <==
2023-12-15 11:53:32,839 [[STUCK] ExecuteThread: '52' for queue: 'weblogic.kernel.Default (self-tuning)'] ERROR em.MetricEngine logp.251 - MetricCollectorThread[MetricCollector:RACCOLL152:15] unable to find metric WAIT_EVENT_HISTOGRAM

Changes

 Old entries where still referring and was unable to capture with normal debug so please follow these steps

Please enable the Debug logs as below since normal Debug mode logs are not capturing any errors
a) Upload the sysman logs with debug enabled
emctl set property -name "log4j.category.oracle.sysman.core.sec.authz.opss.OPSSPolicyStoreUtil" -value "DEBUG" -sysman_pwd <sysman_password>.

emctl set property -name "log4j.category.oracle.sysman.eml.admin.rep.RolePrivsData" -value "DEBUG" -sysman_pwd <sysman_password>.

b) EMGC_OMS1.out logs with OVD debug enabled

1. Run setenv WLST_PROPERTIES "-Dweblogic.security.TrustKeyStore=DemoTrust"

2. Run $ORACLE_HOME/oracle_common/common/bin/wlst.sh

3. Connect to WLS console by running the following command:
connect('user','password','t3s://<ADMINHOST_URL>:<ADMIN_PORT>')

4. Check the loggers are loaded :
listLoggers(pattern="oracle.ods.*",target="EMGC_OMS1")
listLoggers(pattern="oracle.igf.*",target="EMGC_OMS1")

5. Set the loggers:
setLogLevel(logger="oracle.ods",target="EMGC_OMS1",level="TRACE:32",persist="1")
setLogLevel(logger="oracle.ods.virtualization",target="EMGC_OMS1",level="TRACE:32",persist="1")
setLogLevel(logger="oracle.igf",target="EMGC_OMS1",level="TRACE:32",persist="1")

6. Verify if the loggers were added:
listLoggers(pattern="oracle.ods.*",target="EMGC_OMS1")
listLoggers(pattern="oracle.igf.*",target="EMGC_OMS1")

c) Reproduce the issue (Create the role)
d) Upload the folder $DOMAIN_HOME/servers/EMGC_OMS1/logs
e) Upload <GC_INST>/EMGC_OMS1/sysman/log

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.