Enable Users & Groups List in EM Console with libovdconfig

By October 25, 2018 4 min read SOA - Oracle Fusion Middleware

Symptoms:

  •  Unable to find LDAP users and groups in EM though same can be seen in WebLogic Console

Errors and Warnings in Logs:

<Error> <oracle.adf.share.security.providers.jps.JpsUtil> <BEA-000000> <
Caused By: oracle.igf.ids.arisid.ArisIdConnectionException: Operations error: entity=OU=people,OU=xxxxxx,o=xxxxxx op=find mesg=   AdditionalInfo: LDAP Error 2 : simple bind failed: <<LdapHost>>:portNumber
Caused By: oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: ovd-<<LdapHost>>:portNumber
Caused By: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: <<LdapHost>>:portNumber

<Warning> <oracle.igf.ovd> <IGF-00008> <Operations error: entity=OU=people,OU=xxxxxx,o=xxxxxxxx op=find mesg=Protocol Error LDAP Error 2 : simple bind failed: <<LdapHost>>:portNumber

<Error> <oracle.adf.share.security.providers.jps.JpsUtil> <BEA-000000> <null>

Steps to Configure libovd:

  • Pre-requisites: AdminServer should be up and running.
  • Set environment variables.
    • export JAVA_HOME= <<JDK_HOME>>
    • export PATH= <<JDK_HOME>>/bin:${PATH}
    • export WL_HOME= <Products_home>> /fmw/wlserver
    • export PATH=<WL_HOME>>/bin:${PATH}
    • export ORACLE_HOME = <<Products_home>>/fmw
  • Go to <Prodcuts_Home>>/fmw/oracle_common/bin
  • Run libovdconfig.sh

Sytax: libovdconfig.sh -host wls_host -port wls_adminserver_port -userName
wls_user_name -domainPath full_path_domain_home -createKeyStore

Enter AdminServer password: ********
Enter OVD Keystore password: ********

  • Go to <<Domain_Home>>/config/fmwconfig/ovd/default/

You will notice “keystore” directory created.

  • Go to keystore directory, you will notice adapters.jks file.
  • Import your organisation Root and intermediate certificates

keytool -importcert -alias <<root>> -keystore adapters.jks -storepass changeit -file <<RootCertificate>>

keytool -importcert -alias <<Intermediate>> -keystore adapters.jks -storepass changeit -file <<intermediateCertificate>>

keytool -list -keystore adapters.jks -storepass changeit

  • Restart AdminServer
  • Login to EM console and verify users and groups lists.