Configuring Authentication Using an Active Directory Provider

This section provides an example for how to connect WebLogic to an Active Directory. The specifics of your Active Directory domain may differ from the example given, so consult with your Active Directory administrator to find the correct values, and refer to the WebLogic documentation for specifics on each option.

1. Login to the WebLogic Administration Console.

2. In the Domain Structure pane, click on Security Realms.

3. Click on the default security realm (typically called myrealm).

4. Click on the Providers tab and click the New button.

5. Provide a name for the provider (for example, "nms-provider"), and select ActiveDirectoryAuthenticator as the type.

6. Click the name of the newly created provider.

7. Under the Configuration tab, select the Common tab, and set Control Flag to Optional.

8. Click Save.

9. Under the Configuration tab, select the Provider Specific tab, and set desired values that match your Active Directory configuration.

Examples:

Connection

Host: server.example.com

Port: 389

Principal: cn=Administrator,cn=Users,dc=example,dc=com

Credential: (the password used to connect to the account defined by Principal)

Users

User Base DN: cn=Users,dc=example,dc=com

User From Name Filter: (&(samAccountName=%u)(objectclass=user))

User Name Attribute: samAccountName

User Object Class: user

Groups

Group Base DN: cn=Groups,dc=example,dc=com

Group From Name Filter: (&(cn=%g)(objectclass=group))

10. Click Save.

11. In the Change Center, click Activate Changes.

12. Restart the AdminServer.

13. IMPORTANT: Verify that the users and groups from the Active Directory are configured by looking at the Users and Groups tab under the default security realm. If not, adjust the configuration.