Getting "The Logged-in User Does Not Have AddRoleMemberships Permission" Error With Role Assignment (Doc ID 2489532.1)

Last updated on AUGUST 07, 2019

Applies to:

Identity Manager - Version 11.1.2.3.161018 to 11.1.2.3.181009 [Release 11g]
Identity Manager - Version 12.2.1.3.0 to 12.2.1.3.180920 [Release 12c]
Information in this document applies to any platform.

Goal

In an OIM-OAM integrated setup with LDAP Sync:

A role is created, for example cn=External Users,cn=Groups,ou=external,dc=example,dc=com. When one then tries to add a user to the role, a different container value is seen, such as cn=External Users,ou=groups,dc=example,dc=com, and the following error is seen:


Steps to reproduce:
1) Log in as <OIM ADM SYS USER>
2) Create a Role (LDAP Sync with OUD. Check the Role in OUD)
3) Add a user to an External role; it fails

This issue is similar to the issues in Note: 2167488.1 but is seen even after the fix from that note is applied.

Solution

To view full details, sign in with your My Oracle Support account.
