My Oracle Support Banner

Running the synchronizeUserInformation script with operationType='DELETE_NONEXISTENT_USERS' includes valid groups that exist in the external LDAP (Doc ID 1986169.1)

Last updated on JULY 16, 2015

Applies to:

Oracle WebCenter Portal - Version 11.1.1.8.0 to 11.1.1.8.6 [Release 11g]
Information in this document applies to any platform.

Symptoms

Running the synchronizeUserInformation script with operationType='DELETE_NONEXISTENT_USERS', it includes valid groups that exist in the external LDAP.
This causes the script to delete valid data from the groups from the webcenter portal tables.

 

Steps To Reproduce:
The issue can be reproduced at will with the following steps.

  1. Create 2 groups in the LDAP associated to WebCenter Portal.
    e.g.: 
    Groups: testgroup1, testgroup2  
  2. Create a Portal.
    e.g.: Portal1  
  3. Give grants in the Portal to the LDAP groups.
    e.g.:
     
    testgroup1 - Participant
    testgroup2 - Moderator  
  4. Run the synchronizeUserInformation script with operationType set to 'DELETE_NONEXISTENT_USERS'.
     
     
    •  Connect to the WebCenter server.
       
    • Create a directory to save the properties file generated by the synchronizeUserInformation script.
       
    • Set the ORACLE_HOME to the Webcenter Home.
      For example, in my case:
       
      export ORACLE_HOME=/refresh/oracle/fmw11g/Oracle_WC1
       
    • Navigate to the <webcenter Home>/common/bin directory.
      e.g:
      cd $ORACLE_HOME/common/bin
       
    • Start the WebLogic Scripting Tool (WLST):
       
      ./wlst.sh
       
    • Connect to the Admin Server:
      e.g.:
       
      connect()
       
    • Run the synchronizeUserInformation script with operationType='DELETE_NONEXISTENT_USERS' .
      e.g.:

      synchronizeUserInformation(appName='webcenter',
                 operationType= 'DELETE_NONEXISTENT_USERS',
                 fileName='/refresh/oracle/testcases/chkpolicy/delete.properties',
                 component='ALL',
                 dbVendor='Oracle',
                 dbHostNPort='fmw11g.vm.oracle.com:1521',
                 dbName='orcl01',
                 dbSchemaName='dev_webcenter',
                 verbose='true')
       
    • Provide the password for webcenter schema.
      e.g.:
       
          Enter the database password for the user [dev_webcenter]
          welcome1
       
    • Note it deletes grants given to the valid LDAP groups:
       
      File containing users not present in Identity Store is created successfully at :
      /refresh/oracle/testcases/chkpolicy/delete.properties
       
      Resolving references for user[testgroup1][testgroup1]
      ==============================
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_CONNECTION
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_INVITATION
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_LIST_MEMBER
      Updated 1 rows in the database table[column] WC_AS_ACTOR_DETAIL [STATUS]
      Deleted 0 rows in the database table[column] WC_SPACE_USR_DETAIL
       
      Resolving references for user[testgroup2][testgroup2]
      ==============================
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_CONNECTION
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_INVITATION
      Deleted 0 rows in the database table[column] WC_PEOPLE_CONN_LIST_MEMBER
      Updated 1 rows in the database table[column] WC_AS_ACTOR_DETAIL [STATUS]
      Deleted 0 rows in the database table[column] WC_SPACE_USR_DETAIL
       
      WebCenter policy store update started at Wed 10 Dec 2014 18:36:57
      Processing user [testgroup1]
      Processing user [testgroup2]
      WebCenter policy store update completed successfully at
      Wed 10 Dec 2014 18:37:00
      WLST output will no longer be redirected to
      ./renameUsersInPolicyStore.out.
       
       
  5. Review the delete.properties file.
    It shows the 2 groups as users not present in the Identity Store:
     
    e.g.:
     
    $ cd /refresh/oracle/testcases/chkpolicy
    $ cat delete.properties
    testgroup1
    testgroup2
     
    The above is wrong.
    Those are valid groups and should not be listed as users not present in the identity store.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.