Cannot Create Group Space or Add Members to Group Spaces When Using Active Directory External LDAP (Doc ID 1059721.1)

Last updated on DECEMBER 12, 2012

Applies to:

Oracle WebCenter Portal - Version 11.1.1.2.0 to 11.1.1.2.0 [Release 11g]
Information in this document applies to any platform.
Checked for relevance on 12-Dec-2012

Symptoms

After configuring WebCenter Spaces to use Active Directory as the external LDAP, trying to create group spaces or add members to group spaces results in an error:

WCS#2010.01.28.08.28.03: No matching users were found with search string 408997


where 408997 is the username.

WLS_Spaces log shows:

...
...
[2010-01-28T08:28:03.207-08:00] [WLS_Spaces] [ERROR] [] [oracle.webcenter.webcenterapp] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: 966366] [ecid: 0000IPpkg9K2bMK5qVh8iY1BOCf400003J,0] [APP: webcenter] WCS#2010.01.28.08.28.03: No matching users were found with search string 408997
[2010-01-28T08:28:03.208-08:00] [WLS_Spaces] [ERROR] [] [oracle.webcenter.webcenterapp] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: 966366] [ecid: 0000IPpkg9K2bMK5qVh8iY1BOCf400003J,0] [APP: webcenter] [[
oracle.webcenter.webcenterapp.security.WCSecurityException: No matching users were found with search string 408997
at oracle.webcenter.webcenterapp.internal.model.security.WCSecurityManagerImpl.grantJpsRole(WCSecurityManagerImpl.java:979)
at oracle.webcenter.spaces.internal.model.security.SpacesSecurityManagerImpl.grantInternalRole(SpacesSecurityManagerImpl.java:941)
at oracle.webcenter.spaces.internal.model.security.SpacesSecurityManagerImpl.grantRoleAndPublishActivity(SpacesSecurityManagerImpl.java:2247)
at oracle.webcenter.spaces.internal.model.security.SpacesSecurityManagerImpl.grantRole(SpacesSecurityManagerImpl.java:248)
at oracle.webcenter.webcenterapp.internal.view.backing.WebCenterAdminSecurityBean.addInviteMembers(WebCenterAdminSecurityBean.java:2554)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
...
...


Changes

Added Active Directory as the external LDAP.
The user has all the proper privileges to connect and resides in Active Directory (AD).
The AD Authenticator provider is first in the list and its "Control Flag" is set to SUFFICIENT in the WebLogic Server console. See the documentation below:

http://download.oracle.com/docs/cd/E15523_01/webcenter.1111/e12405/wcadm_security.htm#BGBHHGEH

Steps to reproduce the issue:

1. Sign on to WebCenter Spaces as an Active Directory Admin user.
2. WebCenter Admin --> Security TAB --> Users and Groups
3. Search for an AD user
4. User is found successfully
5. Click on Grant Access
6. The error is displayed.

Cause
