My Oracle Support Banner

Group Members Added Incorrectly In OIDDAS If Not In The Search Base (Doc ID 977203.1)

Last updated on MARCH 08, 2019

Applies to:

Oracle Internet Directory - Version to [Release 10gR3]
Information in this document applies to any platform.


If user accounts or groups are created in a location other that the default user or group search base, for example in a sub-container under the search base, then adding one of these users or groups as a member of another group result in the group membership not displaying correctly.

When viewed in DAS on the "View Group" page the member is not displayed at all, the "Manage Group" page displays the member as type "other" and the information is not displayed correctly - blank.

If the group is viewed using Oracle Directory Manager or other LDAP tools it will be seen that the uniquemember attribute of the group contains an incorrect DN for the newly added members.

This group would also not be able to be used to assign privileges because the DN shown in the group membership does not exist.

Also, if one of the groups is added as a role in OIDDAS user configuration, the role is not available in the list of roles to add to a user account. Also not visible in the list of roles when returning to the user configuration.


Users or groups are created in a container other than the default user search base.

For example:
DAS Configuration tab shows:
User Search Base: cn=Users,dc=company,dc=com
User Create Base: cn=Internal,cn=Users,dc=company,dc=com

Group Search Base: cn=Groups,dc=company,dc=com
Group Create Base: cn=Roles,cn=Groups,dc=company,dc=com


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.