This problem occurs for both OpenSSO 8.0 Update 2 and OpenSSO 8.0 Update 2 patch 1. If you create an Active Directory data store and then log in to the OpenSSO administration console using the Active Directory authentication module, OpenSSO returns the error message “User has no profile in this organization” to your browser.
Workaround. To use the Active Directory data store and authentication module with OpenSSO 8.0 Update 2 or OpenSSO 8.0 Update 2 patch 1, perform these steps:
1. Log in to the OpenSSO Administration Console.
2. Under the Active Directory data store configuration, make these changes:
   - For the LDAPv3 Plug-in Supported Types and Operations, change:
       user=read,create,edit,delete
     to
       user=read,create,edit,delete,service
   - In Attribute Name Mapping, add the following attribute mappings:
       iplanet-am-user-alias-list=objectGUID
       employeeNumber=distinguishedName
       mail=userPrincipalName
       portalAddress=sAMAccountName
       telephonenumber=displayName
       uid=sAMAccountName
3. Click Save and log out of the console.
4. Restart the OpenSSO web container.
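To confirm the workaround was applied to every affected deployment, the two settings can be checked from a saved key=value dump of the data store attributes. The script below is an added example, not part of the original release notes or of OpenSSO. The key names `sunIdRepoSupportedOperations` and `sunIdRepoAttributeMapping`, the one-pair-per-line dump layout, and the sample data are assumptions.

```python
# Added example: audit a data store attribute dump against the workaround.
# Assumed input: one key=value per line, multi-valued keys repeated.
OPS_KEY = "sunIdRepoSupportedOperations"  # assumed key: Supported Types and Operations
MAP_KEY = "sunIdRepoAttributeMapping"     # assumed key: Attribute Name Mapping
REQUIRED_USER_OPS = {"read", "create", "edit", "delete", "service"}
REQUIRED_MAPPINGS = {
    "iplanet-am-user-alias-list": "objectGUID", "employeeNumber": "distinguishedName",
    "mail": "userPrincipalName", "portalAddress": "sAMAccountName",
    "telephonenumber": "displayName", "uid": "sAMAccountName",
}

def parse_dump(text):
    """Collect every value of every key; blank and comment lines are skipped."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        values.setdefault(key.strip(), []).append(value.strip())
    return values

def audit(text):
    """Return a list of findings; an empty list means the workaround is in place."""
    cfg, findings, user_ops, mapped = parse_dump(text), [], set(), {}
    for entry in cfg.get(OPS_KEY, []):
        id_type, _, ops = entry.partition("=")
        if id_type.strip().lower() == "user":
            user_ops |= {o.strip().lower() for o in ops.split(",") if o.strip()}
    for op in sorted(REQUIRED_USER_OPS - user_ops):
        findings.append(f"user type is missing operation: {op}")
    # LDAP attribute names are case-insensitive, so compare them lower-cased.
    for entry in cfg.get(MAP_KEY, []):
        src, _, dst = entry.partition("=")
        mapped[src.strip().lower()] = dst.strip()
    for src, dst in REQUIRED_MAPPINGS.items():
        have = mapped.get(src.lower())
        if have is None:
            findings.append(f"missing mapping: {src}={dst}")
        elif have.lower() != dst.lower():
            findings.append(f"wrong mapping: {src}={have} (expected {dst})")
    return findings

# Constructed sample: a data store that has not had the workaround applied.
SAMPLE_BEFORE = """\
sunIdRepoSupportedOperations=user=read,create,edit,delete
sunIdRepoAttributeMapping=mail=userPrincipalName
sunIdRepoAttributeMapping=uid=cn
"""
```

Calling `audit(SAMPLE_BEFORE)` lists each missing or mismatched setting; an empty list means both changes from step 2 are present.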