Lookupuser() Method Does Not Find Users In Third Party Ldap, Keeps Defaulting To Uid In Search Criteria. (Doc ID 976317.1)

Last updated on NOVEMBER 03, 2016

Applies to:

Oracle(R) BPEL Process Manager - Version: 10.1.3.4 and later   [Release: AS10gR3 and later ]
Information in this document applies to any platform.
***Checked for relevance on 23-JAN-2012***

Symptoms

After configuring is_config.xml for a third-party LDAP server (e.g. eDirectory), the lookupuser() method on the identity service test page (http://<host>:<port>/integration/services/IdentityService/identity) cannot find the user.

The following is an example of settings in is_config.xml.

<userControls>
  <property name="nameattribute" value="cn"/>
  <property name="objectclass" value="inetOrgPerson"/>
  <search searchbase="ou=au,o=Oracle"
          scope="subtree" maxSizeLimit="1000" maxTimeLimit="30"/>
</userControls>

In domain.log, after setting the default.collaxa.cube.services logger to DEBUG, you will see that the search filter always uses "uid", even though "nameattribute" is set to "cn" (or another value such as 'xy' or 'abc') in the is_config.xml file.

Domain.log file:
<2009-11-24 12:08:20,978> <DEBUG> <default.collaxa.cube.services> <LDAPProvider::searchUsers> Search filter=(&(objectclass=inetOrgPerson)(uid=<variable>))



Note: Some third-party LDAP servers might not have the uid attribute.
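
The following check is an added example, not part of the Oracle note or of BPEL Process Manager: it compares the nameattribute configured in <userControls> with the attribute that actually appears in the logged LDAPProvider::searchUsers filters. The function names are hypothetical, and the inputs are constructed from the snippets above; it assumes the DEBUG line layout shown in the domain.log excerpt.

```python
import re
import xml.etree.ElementTree as ET

# Constructed inputs copied from the snippets on this page.
IS_CONFIG = """<userControls>
  <property name="nameattribute" value="cn"/>
  <property name="objectclass" value="inetOrgPerson"/>
  <search searchbase="ou=au,o=Oracle"
          scope="subtree" maxSizeLimit="1000" maxTimeLimit="30"/>
</userControls>"""
DOMAIN_LOG = (
    "<2009-11-24 12:08:20,978> <DEBUG> <default.collaxa.cube.services> "
    "<LDAPProvider::searchUsers> Search filter="
    "(&(objectclass=inetOrgPerson)(uid=<variable>))\n"
)

FILTER_LINE = re.compile(r"<LDAPProvider::searchUsers>\s*Search filter=(\(.*\))")
# Attribute name of each simple filter component, e.g. "(uid=" or "(cn>=".
COMPONENT = re.compile(r"\(\s*([A-Za-z][\w.;-]*)\s*[~<>]?=")


def local(tag):
    """Drop any XML namespace so the lookup also works on a namespaced file."""
    return tag.rsplit("}", 1)[-1]


def user_controls(config_xml):
    """Return the <userControls> properties as a dict with lower-cased values."""
    for element in ET.fromstring(config_xml).iter():
        if local(element.tag) == "userControls":
            return {p.get("name"): p.get("value", "").lower()
                    for p in element if local(p.tag) == "property"}
    raise ValueError("no <userControls> element found")


def filter_mismatches(config_xml, log_text):
    """List logged user-search filters that ignore the configured nameattribute."""
    name_attr = user_controls(config_xml)["nameattribute"]
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        match = FILTER_LINE.search(line)
        if not match:
            continue
        # LDAP attribute names are case-insensitive; objectclass is the type test.
        attrs = [a.lower() for a in COMPONENT.findall(match.group(1))]
        naming = [a for a in attrs if a != "objectclass"]
        if name_attr not in naming:
            findings.append((line_no, name_attr, naming))
    return findings
```

Each finding is a tuple of the log line number, the configured nameattribute, and the attributes the filter used instead; an empty list means every logged filter used the configured attribute.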

Cause
