Oracle Identity Governance (OIG) 12c: Non-SSO Trusted Recon In SSO Environment Setting "Common Name" As Null (Doc ID 2818011.1)

Last updated on MAY 01, 2023

Applies to:

Identity Manager - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

When running a non-SSO Trusted reconciliation in an OIG 12c SSO environment, the OIM Users who are created have the following User Form values:

USR_COMMON_NAME=null

USR_LDAP_GUID=null

USR_LDAP_DN=cn=null,<Base DN>

When another account is pulled from the trusted resource and is attempted to be created with the same ldap dn (i.e. cn=null,<Base DN>) the results are that it isn't created since an account already exists with the same incorrect LDAP DN.

This problem occurs even with the OIM System Property SSO.DefaultCommonNamePolicyImpl set to the default value (see KM 2422754.1 on how to customize the plugin)

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Oracle Identity Governance (OIG) 12c: Non-SSO Trusted Recon In SSO Environment Setting "Common Name" As Null (Doc ID 2818011.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!