Oracle Access Manager (OAM) Adaptive Authentication Rule for Memberof Transformation Fails For Some Users
(Doc ID 2892100.1)
Last updated on AUGUST 26, 2022
Applies to: Oracle Access Manager - Version 220.127.116.11.210920 and later
Information in this document applies to any platform.
Adaptive Authentication Rule for Memberof Transformation Fails For Some Users
- Oracle Access Manager (OAM)
- Oracle Unified Directory (OUD) Proxy in front of OUD and 3 Active Directory (AD) domains.
- A memberof transformation rule is used so that the group membership is returned in one attribute through the proxy.
- The following rule is used to exclude some users from 2FA: str(user.userMap['memberof']).lower().find('idmbypass2fa') <= 0 (if a user has the group idmbypass2fa, 2FA is not enforced; otherwise 2FA is requested).
- This works fine with some users but not with others.
- There is no difference in the user objects in LDAP.
- When the "memberof" attribute is output in a header from OAM, the "memberof" value is not complete for the users that do not work.
- From the OAM log ...
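The rule above evaluated against complete and incomplete memberof values, as an added example that is not Oracle's code and not part of the original document. It assumes the attribute arrives as a list of group DNs or a single string and that a True result means 2FA is requested; group_cns and rule_exact are hypothetical helpers, and all sample DNs are constructed.

```python
import re

BYPASS_GROUP = "idmbypass2fa"  # group name from the rule in this document

def rule_as_written(memberof):
    """The document's expression; True is taken to mean '2FA is requested' (assumption)."""
    return str(memberof).lower().find(BYPASS_GROUP) <= 0

def group_cns(memberof):
    """Lower-cased CN of each group DN; accepts one DN string or a list of them."""
    values = [memberof] if isinstance(memberof, str) else list(memberof or [])
    cns = set()
    for dn in values:
        # First RDN only, allowing backslash-escaped characters inside the CN.
        m = re.match(r"\s*cn=((?:\\.|[^,\\])+)", dn, re.IGNORECASE)
        cns.add((m.group(1) if m else dn).strip().lower())
    return cns

def rule_exact(memberof):
    """Hypothetical stricter variant: request 2FA unless a group CN equals the name."""
    return BYPASS_GROUP not in group_cns(memberof)

# Constructed sample values (not taken from any real directory).
SAMPLES = {
    "complete":  ["CN=Staff,OU=Groups,DC=a,DC=example",
                  "CN=IDMBypass2FA,OU=Groups,DC=b,DC=example"],
    "truncated": ["CN=Staff,OU=Groups,DC=a,DC=example"],  # bypass group missing
    "bare_name": "IDMBypass2FA",                          # match at offset 0
    "lookalike": ["CN=IDMBypass2FA-Review,OU=Groups,DC=a,DC=example"],
}

def compare():
    """Map each sample name to (rule_as_written, rule_exact)."""
    return {name: (rule_as_written(v), rule_exact(v)) for name, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, (written, exact) in compare().items():
        print(f"{name:10} as_written requests 2FA={written!s:5} exact requests 2FA={exact}")
```

An incomplete memberof value makes both variants request 2FA, so the truncation fails closed. The substring test differs from exact matching in two places: find() returns 0 for a match at the start of the value, which `<= 0` treats as no match, and any group name that merely contains the string counts as a match.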