An LDAP Group Credential Mapped to @#all Doesn't Give the User RWDA Permissions
Last updated on DECEMBER 21, 2017
Applies to:Oracle WebCenter Content - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
In Webcenter Content 220.127.116.11 (WCC),
The jpsuserprovider is configured to use a credential map.
The map is configured to map an LDAP group to the WCC admin role and another group to the @#all account.
A user is a member of the group that maps to admin and the group that maps to @#all account.
In the example, UCM Admin and @AllAccounts
The @#all account should allow a user with that account to have full RWDA permissions to any content assigned to an account.
An item has an account assigned to it.
When that user attempts to make a change in that item's metadata, it will fail due to not having permission to do so.
The following is an example error as seen in the WCC managed server log:
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms