Mapping EUS Users Sync'd to OID from AD, the Users Container is not Displayed / Mapping the AD Sync'd Username in EM Cloud Control Fails with: Unexpected error occurred. (Doc ID 1612937.1)

Last updated on APRIL 12, 2022

Applies to:

Symptoms

Configuring a Database user (globally) and mapping Enterprise User Security (EUS) to authenticate via Oracle Internet Directory (OID) 11g or 12c.

The OID Directory Information Tree (DIT) looks as follows, for example:

All the users desired for EUS integration have been synchronized from Microsoft Active Directory (MS AD) into OID and are stored under "o=myadorg,dc=<company>,dc=com".

When trying to map those users on Enterprise User Directory, only the users under the default User container of "cn=Users,dc=<company>,dc=com" are displayed.  The container where the AD users are sync'd is not displayed.

In Enterprise Manager (EM) Cloud Control 12c, navigating to Oracle Internet Directory Login > Enterprise User Security > Manage Enterprise Domains > Configure Domain: OracleDefaultDomain > From:

And entering a username/DN for the user in the desired OID DIT tree, for example:

And the schema under > To:

The following error is returned:

Note: Cannot reconfigure the base search of the realm as there are also other applications using that configuration and it cannot be changed.

How to configure EUS and be able to search users below "o=myadorg,dc=<company>,dc=com"? Can Oracle Directory Services Manager (ODSM) be used?

And in EM, Enterprise User Security > User - Schema Mapping, how to map each desired user in OID to a corresponding user on the Database?

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.