My Oracle Support Banner

Active Directory LDAP Provider - Cannot Remove All Groups Filter (Doc ID 2310285.1)

Last updated on SEPTEMBER 29, 2023

Applies to:

Oracle WebLogic Server - Version 10.3.6 to
Information in this document applies to any platform.


When configuring an ActiveDirectoryAuthenticator in Weblogic, once a value has been added and saved to the All Groups Filter, it cannot be removed, only changed. When you change it to an empty value and click save, a message is displayed saying "All changes have been activated. No restarts are necessary." If you change it to any other value, a restart is necessary.

NOTE: This document was written based on the confirmation of the solution when using the ActiveDirectoryAuthenticator.
It is possible that the same issue can occur for other authentication types such as Open LDAP.
Therefore the solution may be applicable in those cases, but are outside the scope of this document as written at this time.

The issue can be reproduced at will with the following steps:

1. Create new Active Directory provider.

2. Once the provider is created, enter a value for "All Users Filter" or "All  Groups Filter" in the Provider Specific page.

3. Save and activate the changes, restart the AdminServer.

4. Open the console and try to remove the text specified for "All Users Filter" or "All Groups Filter".


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.