Oracle Access Manager (OAM) 10g Identity Console Selector Cannot Find Any Users From Active Directory (AD) Via Oracle Virtual Directory (OVD) 10g
Last updated on OCTOBER 04, 2017
Applies to:
Oracle Virtual Directory - Version 10.1.4.2 and later
COREid Identity - Version 10.1.4 and later
Information in this document applies to any platform.
- Oracle Virtual Directory (OVD) 10.1.4.2.0 used as the Oracle Access Manager (OAM) User Data Store. Root DN is defined as, for example, dc=mycompany,dc=com.
- Oracle Internet Directory 10.1.4 used as well.
- One supplying Directory is Active Directory (AD) with a configured namespace of, for example, o=myad,dc=mycompany,dc=com.
- The other supplying Directory is OpenLDAP and is configured as o=myopenldap,dc=mycompany,dc=com as OAM Config & Policy DataStore, and the root DN is defined as dc=mycompany,dc=net.
- Everything is in Open Mode.
- Followed the documentation (Oracle Access Manager Installation Guide 10g > Chapter 10 Setting Up Oracle Access Manager with Oracle Virtual Directory) and/or an Oracle By Example (OBE) to set up OAM with OVD (and the AD adapter).
- Configured as per instructions for OAM to use a person objectclass of inetorgperson, under the section for Identity Server System Console setup process > Product Setup > Person Objectclass = inetOrgPerson.
- However, OAM is unable to retrieve any AD user when searching with the configured inetorgperson objectclass as the filter.
- Able to search and retrieve usernames from the backend OpenLDAP server, but not from the underlying AD backend directory.
- The OVD access.log shows the following error when searching for user "Scott" as the OAM/IdM Console Administrator:
[2008-08-07 08:53:00,690] conn=330 op=42 SRCH base="dc=mycompany,dc=com" scope=2
[2008-08-07 08:53:00,699] conn=330 op=42 RESULT err=2 tag=0 nentries=0 etime=9 mem=3516464/18079744
[2008-08-07 08:53:11,294] conn=2787 fd=0 slot=0 connection from <IP address> to <IP address> port 1636
- Via the command line, AD users can be searched and retrieved with a filter of objectclass=* instead, so how can the OAM configuration be changed from inetorgperson to *, i.e., any objectclass?
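One way to pull searches like the one in the access.log excerpt out of a larger log, as an added example (not Oracle's code): it pairs each SRCH line with its RESULT by conn/op and reports those with a non-zero err or zero entries. The sample log is constructed from the quoted lines plus one successful search with placeholder addresses, the result-code names are the standard LDAP ones from RFC 4511, and the parser assumes the line layout shown in the excerpt.

```python
import re

# Constructed sample in the access.log layout quoted above (addresses are placeholders).
SAMPLE_LOG = '''\
[2008-08-07 08:53:00,690] conn=330 op=42 SRCH base="dc=mycompany,dc=com" scope=2
[2008-08-07 08:53:00,699] conn=330 op=42 RESULT err=2 tag=0 nentries=0 etime=9 mem=3516464/18079744
[2008-08-07 08:53:05,101] conn=331 op=7 SRCH base="o=myopenldap,dc=mycompany,dc=com" scope=2
[2008-08-07 08:53:05,120] conn=331 op=7 RESULT err=0 tag=0 nentries=1 etime=19 mem=3516464/18079744
[2008-08-07 08:53:11,294] conn=2787 fd=0 slot=0 connection from 192.0.2.10 to 192.0.2.20 port 1636
'''

# Standard LDAP result codes (RFC 4511); only a few common ones are listed.
LDAP_RESULT = {0: "success", 1: "operationsError", 2: "protocolError",
               32: "noSuchObject", 49: "invalidCredentials",
               50: "insufficientAccessRights"}

LINE = re.compile(r'^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) op=(?P<op>\d+) '
                  r'(?P<kind>SRCH|RESULT) (?P<rest>.*)$')
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')

def failed_searches(log_text):
    """Pair SRCH with RESULT by (conn, op); return searches that errored or found nothing."""
    pending, findings = {}, []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # connection lines and anything else are ignored
        key = (int(m["conn"]), int(m["op"]))
        fields = {k: v.strip('"') for k, v in KV.findall(m["rest"])}
        if m["kind"] == "SRCH":
            pending[key] = (m["ts"], fields)
            continue
        started = pending.pop(key, None)
        if started is None:
            continue  # RESULT of a non-search operation, or SRCH outside the excerpt
        err, nentries = int(fields.get("err", 0)), int(fields.get("nentries", 0))
        if err != 0 or nentries == 0:
            findings.append({"time": started[0], "conn": key[0], "op": key[1],
                             "base": started[1].get("base"),
                             "scope": started[1].get("scope"),
                             "err": err, "err_name": LDAP_RESULT.get(err, "other"),
                             "nentries": nentries})
    return findings

if __name__ == "__main__":
    for finding in failed_searches(SAMPLE_LOG):
        print(finding)
```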