Relocating Active Directory User to Different OU Causes User to Lose Privileges In Content Server
Last updated on FEBRUARY 06, 2018
Applies to:Oracle WebCenter Content - Version 7.5.2 and later
Information in this document applies to any platform.
Content Server users lose their privileges after their Active Directory Organizational path was changed.
- Login to Content Server as AD user
---> Content Server's user cache is set for 2 minutes
- Move user in AD to another sub branch of the LDAP root the user is searched for
- Await Content Server to expire the user cache (a Content Server restart will also clear the cache)
- Access a Content Server web page that requires rights defined in either AD or the Content Server's internal roles/accounts as adjusted via User Manager admin applet.
=>The user gets the message in his window that he does not have sufficient privileges to see the page (default roles and accounts actually would permit to see it as they are all set read-only)
- Clear the web browser's cookies and authenticated sessions.
- Log the user out of UCM. This requires all web browser windows to be closed.
- Reset UCM user cache by setting filterpages cache to 0
- Delete the user cached object (external) in Content Server.
- Have the user access Content Server via the Intranet login again
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms