OVD 11g ODSM Shows NONASCII As Value For ObjectGUID / orclguid User Attribute Exposed Via AD Adapter (Doc ID 1481679.1)

Last updated on AUGUST 01, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.1.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Virtual Directory (OVD) 11g, i.e., 11.1.1.4.0

Issue #1:

Command line ldapsearch directly to a backend Active Directory (AD) with the -L switch returns the objectguid value ok:

And if using a 3rd party client like Softerra, able to see the objectGUID value for the external users ok.

But in Oracle Directory Services Manager (ODSM()) > Data Browser tab, expand and navigate to the user above, it shows the value as NONASCII.

Even after adding the UserManagement plugin, the value still shows differently than the base64 encoded from command line ldapsearch, e.g., it shows with extra nonascii characters.

 

Issue #2:

Getting null pointer at securityContext.getUserprofile().getGUID()

Using out of the box:
 SecurityContext securityContext = adfContext.getSecurityContext();
 securityContext.getUserProfile().getGUID()

Loading an ADF application, getting the adf context, and from there getting the security context.

It is working for weblogic users, but not with external users exposed via OVD.

Configured the AD provider in OVD using the "Add new Adapter" in ODSM console. Once configured, in the Data Browser, sees the external users and groups and when select a user, notice that the objectGUID value is shown as "NONASCII".

In weblogic, when configuring the AD provider, set the GUID attribute to "objectGUID" and in their code:

securityContext.getUserProfile().getGUID()

But it is coming as null for external users.  The getUserProfile() is throwing null for external users.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms