4 Replies Latest reply on Apr 29, 2013 12:51 PM by user12075358

    Unable to login to OID using AD Users based On AD Group Membership


      Our requirement is one-way synchronization of an AD group (ex: cn=adgroup,cn=users,dc=domain,dc=com) to an OID container (ex: cn=appusers,cn=users,dc=domain,dc=com).

      Here are some DIP mapping rules:
      userPrincipalName: : :user:uid: :inetorgperson:trunc(userPrincipalName,'@')
      member: : :group:uniquemember: :groupofUniqueNames:trunc(member,',')+',cn=adgroup,cn=users,dc=domain,dc=com'

      Here is the DIP search filter:

      AD users within the group are successfully synchronized to the OID container, and I am also able to compare and bind the users using the ldapbind and ldapcompare commands.
      But login to OAM is not working.

      Is there anything I am missing here?

      Your comments and suggestions will be greatly appreciated.