Relocating Active Directory User to Different OU Causes User to Lose Privileges In Content Server (Doc ID 1356617.1)

Last updated on NOVEMBER 03, 2016

Applies to:

Oracle WebCenter Content - Version 7.5.2 and later
Information in this document applies to any platform.

Symptoms


Content Server users lose their privileges after their Active Directory Organizational path was changed.


Steps to Reproduce

- Login to Content Server as AD user
---> Content Server's user cache is set for 2 minutes
- Move user in AD to another sub branch of the LDAP root the user is searched for
- Await Content Server to expire the user cache (a Content Server restart will also clear the cache)
- Access a Content Server web page that requires rights defined in either AD or the Content Server's  internal roles/accounts as adjusted via User Manager admin applet.

=>The user gets the message in his window that he does not have sufficient privileges to see the page (default roles and accounts actually would permit to see it as they are all set read-only)




 Workaround

- Clear the web browser's cookies and authenticated sessions.
- Log the user out of UCM. This requires all web browser windows to be closed.
- Reset UCM user cache by setting filterpages cache to 0
- Delete the user cached object (external) in Content Server.
- Have the user access Content Server via the Intranet login again

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms