My Oracle Support Banner

Oracle Identity Governance (OIG) 12c: Non-SSO Trusted Recon In SSO Environment Setting "Common Name" As Null (Doc ID 2818011.1)

Last updated on NOVEMBER 05, 2021

Applies to:

Identity Manager - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

When running a non-SSO Trusted reconciliation in an OIG 12c SSO environment, the OIM Users who are created have the following User Form values:

USR_COMMON_NAME=null

USR_LDAP_GUID=null

USR_LDAP_DN=cn=null,<Base DN>

When another account is pulled from the trusted resource and is attempted to be created with the same ldap dn (i.e. cn=null,<Base DN>) the results are that it isn't created since an account already exists with the same incorrect LDAP DN.

This problem occurs even with the OIM System Property SSO.DefaultCommonNamePolicyImpl set to the default value (see KM 2422754.1 on how to customize the plugin)

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.