My Oracle Support Banner

An LDAP Group Credential Mapped to @#all Doesn't Give the User RWDA Permissions (Doc ID 2023115.1)

Last updated on SEPTEMBER 13, 2019

Applies to:

Oracle WebCenter Content - Version and later
Information in this document applies to any platform.


In Webcenter Content (WCC),

The jpsuserprovider is configured to use a credential map.

The map is configured to map an LDAP group to the WCC admin role and another group to the @#all account.


UCM Admin,admin
UCM Sysmanager,sysmanager
|#all| -UCM|,%%
@|#all -All|,@%%

A user is a member of the group that maps to admin and the group that maps to @#all account.

In the example, UCM Admin and @AllAccounts

The @#all account should allow a user with that account to have full RWDA permissions to any content assigned to an account.

An item has an account assigned to it.

When that user attempts to make a change in that item's metadata, it will fail due to not having permission to do so.

The following is an example error as seen in the WCC managed server log:



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.