|         | 
 
  You use Oracle Internet Directory Authentication provider to access user and group information stored in the Oracle Internet Directory LDAP V3 service.
Note that each security realm must have one at least one Authentication provider configured. The Control Flag attribute determines how the LoginModule for each Authentication provider is used in the authentication process. For more information, see Set the JAAS control flag.
If the Oracle Internet Directory Authentication provider is the only Authentication provider configured in the security realm, make sure that the LDAP user who boots WebLogic Server is added to a group that is assigned to the Admin role. Otherwise, WebLogic Server cannot be booted. If the Oracle Internet Directory Authentication provider fails to connect to the LDAP server, or throws an exception, make sure the configuration settings for this provider are set correctly as described in the steps that follow. For more information about these configuration settings, see Configuring Users and Groups in the Oracle Internet Directory and Oracle Virtual Directory Authentication Providers.
To configure the Oracle Internet Directory Authentication provider:
myrealm).
      The Create a New Authentication Provider page appears.
cn=users,dc=us,dc=oracle,dc=com.
          cn,
            change that type in the settings for each of the following
            attributes: All Users Filter,
            User From Name Filter, and User
            Name Attribute. For example, if the user name
            attribute type is uid, change All
            Users Filter to
            (&(uid=*)(objectclass=person)))in bold.)
        cn, change that type in the settings for the
            All Groups Filter and Group From
            Name Filter attributes.
             
              For example, if the static group name attribute is type
              uid, change All Groups
              Filter to
              (&(uid=*)(|(objectclass=groupofUniqueNames)(objectclass=orcldynamicgroup))),
              and change Group From Name Filter to
              (|(&(uid=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=orcldynamicgroup)))
cn, change that type in the settings for the
            All Groups Filter and Group From
            Name Filter attributes.
             
              For example, if the dynamic group name attribute is type
              uid, change All Groups
              Filter to
              (&(uid=*)(|(objectclass=groupofUniqueNames)(objectclass=orcldynamicgroup))),
              and change Group From Name Filter to
              (|(&(cn=%g)(objectclass=groupofUniqueNames))(&(uid=%g)(objectclass=orcldynamicgroup))).
groupofnames (instead of
            groupofuniquenames), and the static member DN
            attribute is of type member (instead of
            uniquemember), change the
            objectclass element in the All Groups
            Filter and Group From Name
            Filter attributes.
             
              For example, set All Groups Filter as
              (&(cn=*)(|(objectclass=groupofnames)(objectclass=orcldynamicgroup))),
              and set Group From Name Filter as
              (|(&(cn=%g)(objectclass=groupofnames))(&(cn=%g)(objectclass=orcldynamicgroup))).
cn, specify that type
            in Static Group Name Attribute. Note that
            the type you specify must be consistent with the name attribute
            type specified in the All Groups Filter and
            Group From Name Filter attributes.
          groupofnames, if necessary, and make sure it
            matches the class name specified in the All Groups
            Filter and Group From Name
            Filter attributes.
          groupofnames, change Static Member DN
            Attribute to member.
          |  |