Saturday, 13 October 2012

Weblogic - Active Directory Integration



1. Create a group in AD (I created the group "oamadministrator").
2. Create a user in AD with the "Password never expires" option.
3. Make the user a member of the group "oamadministrator". The group will be added in Weblogic later so that all users in the AD group "oamadministrator" can log in to Weblogic.

 

4. Log in as Weblogic and click Security Realms --> myrealm.
5. Navigate to the Providers tab and click New.

6. Create a new provider with the name "ADStore", select the type ActiveDirectoryAuthenticator, and click OK.

7. Click the "ADStore" provider. In the Common tab of ADStore, set Control Flag to "SUFFICIENT" and click Save.
8. Click the "ADStore" provider. In the Provider Specific tab of ADStore, provide the following details:
   Host Name: X.X.X.X
   Port: 389
   Principal: the user name of an account that has administrator rights in AD
   Credentials: *********
   User Base DN: CN=Users,DC=oam,DC=com
   Group Base DN: CN=Users,DC=oam,DC=com
9. Click Save.
10. Navigate to Security Realms --> myrealm --> Providers. Click Reorder.
11. Select ADStore and move it next to DefaultAuthenticator. Click OK.


12. Navigate to Security Realms --> myrealm --> Providers. Click DefaultAuthenticator. In the Common tab of the DefaultAuthenticator provider, set Control Flag to SUFFICIENT.

13. Restart the server.
14. Log in as "Weblogic". Check whether you can see the AD groups and users by navigating to Security Realms --> myrealm --> Users and Groups.
15. Navigate to Security Realms --> myrealm --> Roles and Policies --> Realm Roles.
16. Expand Global Roles --> Roles. Click View Role Conditions for Admin.
17. Click Add Conditions.
18. Select Group in the Predicate List.

19. Enter oamadministrator, click Add, and then click Finish.
20. Click Save.
21. Log out and log in as the oamadmin user with the AD password.
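Steps 7, 11 and 12 depend on how JAAS control flags are evaluated across the provider chain. The following is an added example, not part of the original post or of Weblogic itself: a small Python model of that evaluation, showing why an AD user cannot log in until DefaultAuthenticator is changed to SUFFICIENT. The user stores are constructed, and DefaultAuthenticator starting out as REQUIRED and being listed before ADStore are assumptions.

```python
# Added example: JAAS control-flag evaluation over an authentication provider chain.
# Provider names, "weblogic" and "oamadmin" come from the post; the user stores are
# constructed, and DefaultAuthenticator starting as REQUIRED is an assumption.

LOCAL_USERS = {"weblogic"}   # embedded LDAP behind DefaultAuthenticator (constructed)
AD_USERS = {"oamadmin"}      # member of the AD group oamadministrator (constructed)


def authenticate(providers, user):
    """providers: ordered list of (name, control_flag, known_users).
    Returns True if the overall login succeeds under JAAS semantics."""
    mandatory_present = False   # chain has a REQUIRED or REQUISITE provider
    mandatory_failed = False    # one of those rejected the user
    any_success = False
    for _name, flag, users in providers:
        ok = user in users
        any_success = any_success or ok
        if flag in ("REQUIRED", "REQUISITE"):
            mandatory_present = True
            if not ok:
                mandatory_failed = True
                if flag == "REQUISITE":
                    return False            # REQUISITE failure ends the login at once
        elif flag == "SUFFICIENT" and ok and not mandatory_failed:
            return True                     # success, later providers are not consulted
    # With mandatory providers, all of them must have succeeded;
    # otherwise at least one SUFFICIENT/OPTIONAL provider must have.
    return (not mandatory_failed) if mandatory_present else any_success


def build_chain(default_flag, ad_flag="SUFFICIENT"):
    """Provider order assumed here: DefaultAuthenticator first, then ADStore."""
    return [("DefaultAuthenticator", default_flag, LOCAL_USERS),
            ("ADStore", ad_flag, AD_USERS)]


BEFORE_STEP_12 = build_chain("REQUIRED")     # after step 7, before step 12
AFTER_STEP_12 = build_chain("SUFFICIENT")    # after step 12

if __name__ == "__main__":
    for label, providers in (("before step 12", BEFORE_STEP_12),
                             ("after step 12", AFTER_STEP_12)):
        for user in ("weblogic", "oamadmin", "unknown"):
            print(label, user, authenticate(providers, user))
```

With both providers set to SUFFICIENT, a successful login against either store is enough, so accounts in the embedded LDAP remain valid login paths alongside AD.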

