2 Replies Latest reply on Sep 16, 2011 3:54 PM by 866992

    Problem connecting to Active Directory after upgrade

    866992
      Hello Everyone,

      I have a strange problem. I recently moved my ApEx environment from ApEx 4.0, WLS 10.3.3, and ApEx Listener 1.1.2 to ApEx 4.0 (and 4.1), WLS 10.3.5, and ApEx Listener 1.1.2 (and 1.1.3).
      The problem is that for the same applications, they could authenticating to an Active Directory before the upgrade, but fail to do so after the upgrade.
      So, my question to anyone who may have seen this problem, do you know the cause and what is the solution. This may have to do with the version of WLS (or WLS and ApEx Listener).

      Thanks.

      Tarek
        • 1. Re: Problem connecting to Active Directory after upgrade
          Udo
          Hello Tarek,

          which database version do you use? If it's some 11g release, you have to enable network services for the APEX user. Especially for the upgraded 4.1 instances, you have a new database user (APEX_040100 vs. APEX_040000 from APEX 4.0) that needs to get the ACLs again, even if you've done this for the (old) APEX 4.0 installation. See the corresponding[url http://download.oracle.com/docs/cd/E23903_01/doc/doc.41/e21673/otn_install.htm#BABBHCID]APEX Installation Guide for details.

          If this doesn't solve the problem in your scenario, could you please post the error message(s) that you get when the authentication fails?

          Thanks,
          -Udo
          • 2. Re: Problem connecting to Active Directory after upgrade
            866992
            Thank you Udo for your reply. The problem is caused by the fact that I am using 11.2.0.2 which has some significant changes in the way ACLs are processed. The solution was to add the following permission

            dbms_network_acl_admin.add_privilege(
            acl => 'portal-permissions.xml',
            principal => 'APEX_040100',
            is_grant => TRUE,
            privilege => 'connect' );


            I hope this can be useful for someone else as it is not well documented.

            T