By default, WLP stores policy data such as roles/users/groups in both the WebLogic Server embedded LDAP and the DB to support user entitlements.
The WebLogic Server embedded LDAP server for a domain consists of a master LDAP server, maintained in the domain’s Administration Server, and a replicated LDAP server maintained in each Managed Server in the domain. I think in your case, the LDAP data of the admin server and all managed servers is not in sync.
Probably you have checked "Refresh Replica At Startup" - when enabled/checked, the embedded LDAP server in a Managed Server will refresh all replicated data at boot time only. That is the reason why, when you restart the servers, the roles are populated from all managed servers.
For more details see the doc at http://docs.oracle.com/cd/E15051_01/wls/docs103/secmanage/ldap.html#wp1102162