Active Directory Credential Mapping Group Names that have Space Characters do not Work Properly with UCM 11g
(Doc ID 1348084.1)
Last updated on MAY 09, 2023
Applies to:
Oracle WebCenter Content - Version 11.1.1.5.0 and laterInformation in this document applies to any platform.
Symptoms
When mapping multiple Active Directory groups to different UCM roles, _all_ users will get _all_ mapped roles assigned.
Detailed Problem Statement
---------------------------------
Users and Contractors defined in two Active Directory branches:
Users: ou=Users, ou=XYZ,ou=ABC,ou=Acme Department,dc=xyz,dc=place,dc=com
Contractors: ou=Contractors, ou=XYZ,ou=ABC,ou=Acme Department,dc=xyz,dc=place,dc=com
In Active Directory, Users and Contractors are added to Active Directory groups:
Users (a subset) are under: ou= XYZ ABC DEFG Users ,ou=Dynamic,ou=Groups,ou=XYZ,ou=ABC,ou=Acme Department,dc=xyz,dc=place,dc=com
Contractors (a subset) are under: ou= XYZ ABC DEFG Contractors ,ou=Dynamic,ou=Groups,ou=XYZ,ou=ABC,ou=Acme Department,dc=xyz,dc=place,dc=com
In JPS Provider, under Groups, we point to:
Group Base DN: ou=Dynamic,ou=Groups,ou=XYZ,ou=ABC,ou=Acme Department,dc=xyz,dc=place,dc=com
Now in the UCM Credential Map, we need to have group XYZ ABC DEFG Users mapped to role admin, and XYZ ABC DEFG Contractors mapped to role contributor.
Credential Map entries:
|XYZ ABC DEFG Users|, admin
|XYZ ABC DEFG Contractors|, contributor
However, both Users and Contributors now get both roles in UCM:
Roles: admin,contributor,authenticated
Changes
The Active Directory Group Names have the 'space' character.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |