My Oracle Support Banner

Mapping EUS Users Sync'd to OID from AD, the Users Container is not Displayed / Mapping the AD Sync'd Username in EM Cloud Control Fails with: Unexpected error occurred. (Doc ID 1612937.1)

Last updated on APRIL 12, 2022

Applies to:

Advanced Networking Option - Version 11.0 and later
Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.


Configuring a Database user (globally) and mapping Enterprise User Security (EUS) to authenticate via Oracle Internet Directory (OID) 11g or 12c.

The OID Directory Information Tree (DIT) looks as follows, for example:

- dc=<company>,dc=com
   + cn=Calendar Server,dc=<company>,dc=com
   + cn=Groups,dc=<company>,dc=com
   + cn=Groups,dc=<company>,dc=com
   + cn=Users,dc=<company>,dc=com
   + o=myorg,dc=<company>,dc=com
   + o=myadorg,dc=<company>,dc=com

All the users desired for EUS integration have been synchronized from Microsoft Active Directory (MS AD) into OID and are stored under "o=myadorg,dc=<company>,dc=com".

When trying to map those users on Enterprise User Directory, only the users under the default User container of "cn=Users,dc=<company>,dc=com" are displayed.  The container where the AD users are sync'd is not displayed.

In Enterprise Manager (EM) Cloud Control 12c, navigating to Oracle Internet Directory Login > Enterprise User Security > Manage Enterprise Domains > Configure Domain: OracleDefaultDomain > From:

And entering a username/DN for the user in the desired OID DIT tree, for example:

(o) User name: cn=<username1>,cn=Users,o=myadorg,dc=<company>,dc=com

And the schema under > To:

Schema: <username1>

The following error is returned:

(x) Error
Unexpected error occurred. Please contact Oracle Support with these files.

- <EM_INSTANCE_BASE>/user_projects/domains/<domain_name>/servers/<SERVER_NAME>/logs/access.log
- <EM_INSTANCE_BASE>/user_projects/domains/<domain_name>/servers/<SERVER_NAME>/logs/<SERVER_NAME>-diagnostic.log
- <EM_INSTANCE_BASE>/em/<OMS_NAME>/sysman/log/emoms.trc

Note: Cannot reconfigure the base search of the realm as there are also other applications using that configuration and it cannot be changed.

How to configure EUS and be able to search users below "o=myadorg,dc=<company>,dc=com"? Can Oracle Directory Services Manager (ODSM) be used?

And in EM, Enterprise User Security > User - Schema Mapping, how to map each desired user in OID to a corresponding user on the Database?




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.