Unable to View Documents in Group Spaces with Privileges Assigned through Active Directory Groups (Doc ID 1312215.1)

Last updated on FEBRUARY 02, 2022

Applies to:

Symptoms

When attempting to view Documents in Group Spaces with privileges assigned through Active Directory Groups, the following error occurs:

Contact the administrator to ensure that the configuration is correct and that the directory exists and is accessible.

The WLS_Spaces-diagnostic.log shows the following errors:
"...

<Mar 18, 2011 12:20:37 PM CDT> <Info> <oracle.jcr.impl.OracleRepositoryImpl> <BEA-000000> <Session Session-11 connected for user id <USER>>
<Mar 18, 2011 12:20:38 PM CDT> <Warning> <oracle.webcenter.doclib.view> <WCS-07006> <run-time error obtaining content repository
oracle.webcenter.doclib.internal.view.DoclibJCRException: Repository error
at oracle.webcenter.doclib.internal.view.JCRRepositoryLogic.getItem(JCRRepositoryLogic.java:855)
at oracle.webcenter.doclib.internal.view.CISRepositoryLogic.getDefaultFolder(CISRepositoryLogic.java:315)
...

Caused By: javax.jcr.ItemNotFoundException: Unable to get folder info for dCollectionID = 13
at oracle.jcr.impl.ExceptionFactory.itemNotFound(ExceptionFactory.java:587)
at oracle.stellent.jcr.IdcPersistenceManager.getResourceByUUID(IdcPersistenceManager.java:433)
at oracle.jcr.impl.TransientLayer.getResourceByUUID(TransientLayer.java:323)
at oracle.jcr.impl.OracleSessionImpl.getNodeByUUID(OracleSessionImpl.java:279)
...

Caused By: oracle.stellent.ridc.protocol.ServiceException: Unable to display virtual folder information. Cannot read folder.
at oracle.stellent.ridc.protocol.ServiceResponse.getResponseAsBinder(ServiceResponse.java:116)
at oracle.stellent.ridc.protocol.ServiceResponse.getResponseAsBinder(ServiceResponse.java:92)
at oracle.stellent.jcr.IdcPersistenceManager.getResourceByUUID(IdcPersistenceManager.java:421)
..."

The issue can be reproduced at will with the following steps:

1. Configure WebCenter and UCM to use Active Directory LDAP store.
   
   
2. Give grants in a group space to an Active Directory Group.
   
   
3. Create a New User and add that user to the Active Directory Group so he can see the Group Space from previous step.
   
   
4. Sign into Spaces as the New User and confirm the user can see the Group Space.
   
   
5. Navigate to the Documents Page in the Group Space.
   It will show the following error:
   
   Contact the administrator to ensure that the configuration is correct and that the directory exists and is accessible.
   
   
6. Sign into Spaces as an administrator user and give grants to the User as a direct member of the group space.
   
   
7. Log back into Spaces as the New User.
   
   
8. Navigate to the Documents Page in the Group Space.
   The user is able to see the documents when given direct grants.

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.