"ADSI can be enabled for either User or Configuration DB Profile if they are in a separate forest. When you change the ADSI flag in the configuration data DB profile to LDAP using the Identity System Console and restart Oracle Access Manager servers and services, the ADSI flag remains enabled and the following message appears: Symptom: Suppose you have user data stored in an Active Directory forest using LDAP and configuration and policy data stored in another Active Directory forest using ADSI. However, Oracle Access Manager does not support changing the configuration or policy DB profile between ADSI and LDAP using the System Console. Oracle Access Manager supports changing the user data DB profile between ADSI and LDAP using the Identity System Console. This forces Oracle Access Manager threads to use separate LDAP connections for bind requests being sent to the directory server.ĪDSI Cannot Be Enabled for this DB Profile (Active Directory)ĭynamically-Linked Auxiliary Classes for Active DirectoryĪppendix A, "Installing Oracle Access Manager with Active Directory"Į.2.1.2 ADSI Cannot Be Enabled for this DB Profile (Active Directory) On the Access Server, locate the globalparams.lst file and open this in an editor.Īdd a new flag called exclusiveAuthnConnection and set it to true. This may cause spurious authentication failures. However, Active Directory 2000 does not support concurrent binds requests coming from different Oracle Access Manager threads on the same LDAP connection. Several Oracle Access Manager threads may share the LDAP connection for efficient processing of requests. Oracle Access Manager servers are multi-threaded and maintain a pool multiple LDAP connections to the directory server. Active Directory 2000 does not support concurrent bind requests coming from different Oracle Access Manager threads on the same LDAP connection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |