Sunday, May 22, 2011

Active Directory Notes

I was working on integration on Active Directory with Oracle UCM 11g and I have the following notes that may be helpful:

- Change DefaultAuthenticator's Control Flag from REQUIRED to SUFFICIENT

- We are not using Oracle UCM LDAP Providers for integration with Active Directory anymore

- Users mapping between Oracle UCM and Weblogic embedded LDAP is done using JpsUserProvider provider

- In Oracle UCM 11g, you can give default roles and accounts for authenticated users, to do that from Oracle UCM Providers page edit a provider called JpsUserProvider and in Default Network Roles field add the default roles separated with commas, for default accounts use Default Network Accounts field

- Any weblogic ldap user assigned to administrators group, he will have Oracle UCM admin role