My Oracle Support Banner

Lookupuser() Method Does Not Find Users In Third Party Ldap, Keeps Defaulting To Uid In Search Criteria. (Doc ID 976317.1)

Last updated on MARCH 27, 2020

Applies to:

Oracle(R) BPEL Process Manager 10g - Version and later
Information in this document applies to any platform.
***Checked for relevance on 23-JAN-2012***


After configuring the is_config.xml to third party LDAP (eg. eDirectory), in the identity service test page (http://<host>:<port>/integration/services/IdentityService/identity ), the lookupuser() method could not find the user.

The following is an example of settings in is_config.xml.

<property name="nameattribute" value="cn"/>
<property name="objectclass" value="inetOrgPerson"/>
<search searchbase="ou=au,o=Oracle"
scope="subtree" maxSizeLimit="1000" maxTimeLimit="30"/>

In the domain.log, after setting the to DEBUG,  you will witness that the search filter is always using “uid”, Even though the value of “nameattibute” is set to “cn” or other value like 'xy' or 'abc', in is_config.xml file.

Domain.log file:

<2009-11-24 12:08:20,978> <DEBUG> <> <LDAPProvider::searchUsers> Search filter=(&(objectclass=inetOrgPerson)(uid=<variable>))

Note: Some third party Ldap servers might not have the field uid.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.