Reconfigure Oracle Internet Directory as an Authentication Provider

Use these steps to reconfigure the Oracle Internet Directory (OID) LDAP as the authentication provider.

You can configure identity store virtualization so the identity store service can use multiple identity stores. You can split the user profile information across different authentication providers (identity stores). See Configure Identity Store Virtualization Using Fusion Middleware Control.

If the User Name Attribute or the Group Name Attribute is configured to a value other than cn in Oracle Internet Directory, you must change the corresponding values in Oracle WebLogic Server Administration Console. The LDAP authenticators, including the OracleInternetDirectoryAuthenticator and the ActiveDirectoryAuthenticator, default to cn as the user name and group name attributes. You can use alternative attributes for the user name, such as uid or mail.

  1. Log in to Oracle WebLogic Server Administration Console.
  2. In the Change Center, click Lock & Edit.
  3. In Domain Structure, select Security Realms, and click myrealm.
  4. Click the Providers tab, then click the Authentication tab.
  5. Click New.
  6. In Create a New Authentication Provider, in the Name field, type a name for the authentication provider such as MyOIDDirectory.
  7. From the Type list, select OracleInternetDirectoryAuthenticator.
  8. Click OK to save the changes and display the authentication providers list updated with the new authentication provider.
  9. In the Authentication Providers table, under the Name column, click MyOIDDirectory.
  10. In Settings for MyOIDDirectory, click the Configuration tab and then click the Common tab.
  11. From the Control Flag list, select SUFFICIENT, and then click Save.
  12. Click the Provider Specific tab, and then in the Connection properties, type your values for Host, Port, Principal, and Credential.
  13. In the Provider Specific tab, Group area, specify a value for the Group Base DN (distinguished name).
  14. In the Provider Specific tab, Users area, specify the following:
    • User Base DN
    • All Users Filter
    • User From Name Filter
    • Use Retrieved User Name as Principal
    • User Name Attribute

  15. Click Save.

You must also complete these tasks:

After completing the above tasks, in the Change Center, click Activate Changes, and then restart Oracle WebLogic Server.
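
The following is an added example, not part of the Oracle procedure: a Python check that the filters entered in step 14 still reference the User Name Attribute after it is changed from cn, and that the Control Flag is SUFFICIENT as in step 11. The `%u` login-name placeholder and the sample filter strings are assumptions about the filter syntax; the dictionary keys follow the console labels used on this page.

```python
import re

# One simple LDAP filter item such as (cn=%u) or (objectclass=person).
ITEM = re.compile(r"\(\s*([A-Za-z][A-Za-z0-9.;-]*)\s*=\s*([^()]*)\)")


def filter_items(ldap_filter):
    """Return lower-cased (attribute, value) pairs for each simple filter item."""
    return [(a.lower(), v.strip()) for a, v in ITEM.findall(ldap_filter)]


def check_provider(settings):
    """Return findings for one authenticator's settings; an empty list means consistent."""
    findings = []
    user_attr = settings["User Name Attribute"].lower()

    # Attributes compared against the typed login name (%u, assumed placeholder).
    login = {a for a, v in filter_items(settings["User From Name Filter"]) if v == "%u"}
    if user_attr not in login:
        findings.append(
            f"User From Name Filter matches %u on {sorted(login)}, not '{user_attr}'")

    # Attributes used as a presence test (attr=*) when listing all users.
    listed = {a for a, v in filter_items(settings["All Users Filter"]) if v == "*"}
    if user_attr not in listed:
        findings.append(
            f"All Users Filter lists users by {sorted(listed)}, not '{user_attr}'")

    # Step 11 of the procedure sets the Control Flag to SUFFICIENT.
    if settings["Control Flag"] != "SUFFICIENT":
        findings.append(f"Control Flag is {settings['Control Flag']}, expected SUFFICIENT")
    return findings


# Constructed sample: User Name Attribute changed to uid, filters left on cn.
STALE = {
    "Control Flag": "SUFFICIENT",
    "User Name Attribute": "uid",
    "All Users Filter": "(&(cn=*)(objectclass=person))",
    "User From Name Filter": "(&(cn=%u)(objectclass=person))",
}
# Constructed sample: the same provider with both filters updated to uid.
FIXED = dict(STALE, **{
    "All Users Filter": "(&(uid=*)(objectclass=person))",
    "User From Name Filter": "(&(uid=%u)(objectclass=person))",
})

if __name__ == "__main__":
    for name, cfg in (("stale", STALE), ("fixed", FIXED)):
        print(name, check_provider(cfg) or "consistent")
```
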