Cannot Authorize User Within Nested Groups Using Active Directory As The User ID Store In OAM 11g

(Doc ID 2075182.1)

Last updated on NOVEMBER 13, 2015

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


On : version, Integration w/ other products

A user can not authenticate when they are a member of a nested group and the parent group is setup up as policy condition

User is able authenticate and access the requested resource.

The issue can be reproduced at will with the following steps:
1) User is a member of a group1
2) Group1 is a member of Group2
3) Group2 is set as a condition for authentication
4) User signs in

The issue has the following business impact:
Nested groups can not be used to set up authentication policies


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms