Users Receive "invalid approval/rejection password." when Attempting to Approve a Change (Doc ID 1483625.1)

Last updated on FEBRUARY 13, 2024

Applies to:

Symptoms

On : 9.3.1.2 version, Directory Access Protocol, LDAP users are not able to Approve with the LDAP Password and receive the following error in Web Client:

ERROR

"Invalid approval/rejection password."


STEPS
-----------------------
The issue can be reproduced at will with the following steps:

1. Setting LDAP in Java Client

User Path: DC=company, DC=com
Search Scope: ONE_LEVEL
Search Filter: (objectclass=person)
Mechanism: simple
Group Path: OU=mygroups, DC=company, DC=com
Group Scope: SUB_TREE
Group Filter: (cn=Agile_Users)

Leave other fields blank

2. Setting in Weblogic

User Base DN: DC=company,DC=com
All Users Filter: (objectclass=person)
User From Name Filter: leave it blank
User Search Scope: onelevel
User Name Attribute: sAMAccountName
User Object Class: user
Group Base DN: OU=mygroups,DC=company,DC=com
All Groups Filter: (cn=Agile_Users)
Group From Name Filter: leave it blank
Group Search Scope: subtree
Group Membership Searching: unlimited
Max Group Membership Search Level: 0
Static Group Name Attribute: cn
Static Group Object Class: group
Static Member DN Attribute: member
Static Group DNs from Member DN Filter: (&(member=%M)(objectclass=group))

Leave other fields with default value.

3. Restart Weblogic and try to use the ldap user login and approve Changes.

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.