apps-infra

    Forum Stats

  • 3,873,729 Users
  • 2,266,635 Discussions
  • 7,911,624 Comments

Discussions

WebLogic integration with Active Directory for authentication provider

Sandeep Kumar sk
Sandeep Kumar sk Member Posts: 496 Silver Badge
edited Sep 15, 2020 4:03PM in Identity Manager

I am configuring WebLogic 12c with Active Directory as a Provider and have few questions if someone has done a WebLogic integration with Active Directory.

For the WebLogic Provider configuration 1), 2), 3)

1) Host:          For the hostname of the Active Directory Domain Controller, can we put multiple hosts, comma separated? Since there are multiple domain controllers.

2) User DN:   Can we provide the base DN of the users in AD (like DN=Users, dc=example,dc=com). Is this top level DN allowed?  (Note, we tested with one user first and provided his particular DN. Since the users are spread across various OU we wanted to make sure authentication works fine for one user, which does work fine)

3) Group DN:  Do we require a special group in AD where all the users can be put in? And this group needs to be put in the Group info in the WebLogic configuration in the Provider settings?

For weblogic.xml configuration

4) One of the step is configuring weblogic.xml file. Here we have provided username of a particular user and his particular DN, for a test and authentication works fine with below settings. However these settings are for a particular user. What needs to be put in for "principal-name" so that all/other users can also login? Similarly what needs to be put in for "role-name"?

<wls:security-role-assignment>

    <wls:role-name>Valid Users</wls:role-name>

    <wls:principal-name>userabc</wls:principal-name>

</wls:security-role-assignment>

Tagged:
Sandeep Kumar skP Suresh

Best Answer

Answers

apps-infra