Active Directory Authenticator Configuration with WebLogic or AD Integration with WebLogic

Terminologies

CN: Common Name = Users, Groups, Container, Computer
OU: Organisational Unit = Organisation Name
DC: Domain Component = Domain

Domain Controller: A domain controller is a server that is running a version of the Windows Server operating system and has Active Directory Domain Services installed.

Step 1) Create Users & Groups in Default AD container Users.


             The snapshot below shows that I have created:

             Users: jagan
                    john
                    scott

             Group: testgroup

Users jagan, john & scott are members of testgroup.



Step 2) Create Active Directory Authenticator


Log in to the WLS console ==> Click on Security Realms ==> Click on myrealms ==> Click on Providers ==> Click on New ==> Enter the details below & Click on OK

Name: TestADAuthenticator
Type: ActiveDirectoryAuthenticator



Step 2) Set the Control Flag of TestADAuthenticator to OPTIONAL


Click on newly created AD Authenticator TestADAuthenticator ==> Configuration ==> Common
==> set Control Flag to OPTIONAL ==> Click on Save



Step 3) Now do the Provider Specific configuration for TestADAuthenticator 


Click on newly created AD Authenticator TestADAuthenticator ==> Configuration ==> Provider Specific ==> Provide Below Details & Click on Save

Host: 192.168.113.129
Port: 389
Principal: cn=jagan,cn=Users,dc=abs,dc=com
Credential: xxxxxxx
Confirm Credential: xxxxxxx
User Base DN: cn=Users,dc=abs,dc=com
Group Base DN: cn=Users,dc=abs,dc=com



Step 4) Place TestADAuthenticator at the top of the Providers table


Go to the Providers table ==> Click on Reorder ==> Select TestADAuthenticator ==> Using the up arrow, place TestADAuthenticator at the top ==> Click on OK



Step 5) Set the DefaultAuthenticator Control Flag to OPTIONAL 

Go to the Providers table ==> Click on DefaultAuthenticator ==> Configuration ==> Common ==> Set Control Flag to OPTIONAL ==> Click on Save



Step 5) Restart the AdminServer


cd /oracle/Middleware/user_projects/domains/base_domain/bin
./stopWebLogic.sh
nohup ./startWebLogic.sh &

Step 6) Log in as user weblogic & check whether the AD Users and Groups are imported or not.


Log in to the WLS console ==> Click on Security Realm ==> Click on myrealms ==> Click on Users & Groups Tab ==> Click on Users ==> Click on Groups

Users:



Group:


Step 7) Assign the role to testgroup by adding it to role condition.

Log in to the WLS console ==> Click on Security Realm ==> Click on myrealms ==> Click on Roles & Policy ==> Expand Global Roles ==> Expand Roles ==> Click on "View Role Conditions" against Admin ==> Click on "Add Condition"




Select Group against "Predicate List:" ==> Click on Next



Enter testgroup against "Group Argument Name:" ==> Click on Add ==> Click on Finish



Click on Save



Step 8) Now log out as the weblogic user and log in as the AD user jagan.
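
The steps above leave both TestADAuthenticator and DefaultAuthenticator at OPTIONAL; the reason lies in how JAAS control flags combine over the ordered provider list. The sketch below is an added example, not code from this post or from WebLogic: it models the standard JAAS flag rules in Python with constructed user data, and compares the configuration from the steps above with DefaultAuthenticator left at REQUIRED (its out-of-the-box flag) and with a SUFFICIENT/SUFFICIENT variant that is not on this page.

```python
# Added example: JAAS control-flag evaluation over an ordered provider list.
# A simplified model, not WebLogic code; all sample data is constructed.
AD, DEFAULT = "TestADAuthenticator", "DefaultAuthenticator"
MANDATORY = ("REQUIRED", "REQUISITE")

def login(providers, accepts):
    """providers: ordered (name, control_flag) pairs, top of the table first.
    accepts: set of provider names that accept the submitted credentials.
    Returns (overall_success, providers_consulted)."""
    consulted = []
    mandatory_failed = False   # a REQUIRED/REQUISITE provider rejected the login
    saw_success = False        # at least one provider accepted the login
    for name, flag in providers:
        if flag not in MANDATORY + ("SUFFICIENT", "OPTIONAL"):
            raise ValueError("unknown control flag: %r" % (flag,))
        consulted.append(name)
        ok = name in accepts
        saw_success = saw_success or ok
        if flag in MANDATORY and not ok:
            mandatory_failed = True
            if flag == "REQUISITE":
                break          # a REQUISITE failure ends evaluation at once
        elif flag == "SUFFICIENT" and ok and not mandatory_failed:
            break              # a SUFFICIENT success ends evaluation at once
    # Success needs every mandatory provider to pass and at least one acceptance.
    return (saw_success and not mandatory_failed), consulted

PAGE_CONFIG = [(AD, "OPTIONAL"), (DEFAULT, "OPTIONAL")]          # after Steps 2-5
STEP5_SKIPPED = [(AD, "OPTIONAL"), (DEFAULT, "REQUIRED")]        # default flag kept
BOTH_SUFFICIENT = [(AD, "SUFFICIENT"), (DEFAULT, "SUFFICIENT")]  # not on this page

# Constructed sample: which provider accepts each user's password.
KNOWN_BY = {"jagan": {AD}, "weblogic": {DEFAULT}, "nosuchuser": set()}

if __name__ == "__main__":
    configs = {"both OPTIONAL": PAGE_CONFIG, "Step 5 skipped": STEP5_SKIPPED,
               "both SUFFICIENT": BOTH_SUFFICIENT}
    for label, cfg in configs.items():
        for user, accepts in KNOWN_BY.items():
            ok, seen = login(cfg, accepts)
            print("%-16s %-11s %-5s consulted=%s"
                  % (label, user, "ok" if ok else "DENY", seen))
```

With DefaultAuthenticator still REQUIRED, jagan is rejected even though the AD provider accepted the password, because the embedded LDAP does not know that user.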






