Skip to Main Content

Security Software

Announcement

For appeals, questions and feedback, please email oracle-forums_moderators_us@oracle.com

WebLogic integration with Active Directory for authentication provider

Sandeep Kumar skMar 31 2019 — edited Sep 15 2020

I am configuring WebLogic 12c with Active Directory as a Provider and have few questions if someone has done a WebLogic integration with Active Directory.

For the WebLogic Provider configuration 1), 2), 3)

1) Host:          For the hostname of the Active Directory Domain Controller, can we put multiple hosts, comma separated? Since there are multiple domain controllers.

2) User DN:   Can we provide the base DN of the users in AD (like DN=Users, dc=example,dc=com). Is this top level DN allowed?  (Note, we tested with one user first and provided his particular DN. Since the users are spread across various OU we wanted to make sure authentication works fine for one user, which does work fine)

3) Group DN:  Do we require a special group in AD where all the users can be put in? And this group needs to be put in the Group info in the WebLogic configuration in the Provider settings?

For weblogic.xml configuration

4) One of the step is configuring weblogic.xml file. Here we have provided username of a particular user and his particular DN, for a test and authentication works fine with below settings. However these settings are for a particular user. What needs to be put in for "principal-name" so that all/other users can also login? Similarly what needs to be put in for "role-name"?

<wls:security-role-assignment>

    <wls:role-name>Valid Users</wls:role-name>

    <wls:principal-name>userabc</wls:principal-name>

</wls:security-role-assignment>

This post has been answered by User_886HI on Apr 1 2019
Jump to Answer
Comments
Post Details
Added on Mar 31 2019
3 comments
190 views