How to enable LibOVD? 

Recently I added an external LDAP provider in my Weblogic Security Realm. The users and groups in the LDAP are visible inside WebLogic console but not in the enterprise manager or in the BPM workspace.

My goal is BPM workspace should authenticate the users in external LDAP, so  I went to WL enterprise manager and searched an LDAP user to add into the BPM

 Application Roles, but the search result shows empty  

 

Issue with Multiple Providers in Security Realm

By default, the Oracle BPM or the Weblogic Enterprise manager look into the provider Default Authenticator in security Realm to retrieve users & groups. It won’t look for other providers unless we specify. 

Enable LibOVD

LibOVD is an Oracle virtualization library that syncs the LDAP between Fusion Middleware and all providers in the WebLogic security realm. We must enable LibOVD to retrieve users and groups from external LDAP in FMW. Follow the steps to enable libovd:   

  1. Login into WebLogic EM, The default URL is http://localhost:7001/em
  2. Expand WebLogic Domain >> Right click on your DOMAIN,  Security, Security Provider Configuration
  3. Click on the button Configure under Identity Store Provider
  4. Add the below two properties
Property Name Value
virtualize true
OPTIMIZE_SEARCH true

     5. Restart Admin & Managed servers & Search the user again 

 

That’s it. The LibOVD is enabled.The above properties are added into the jps-config.xml file 

Test the LibOVD is enabled

  1. Go to the <MW_HOME>\user_projects\domains\<DOMAIN>\config\fmwconfig\ovd\default  directory 
  2. Edit the file adapters.os_xml
  3. Check the id attribute in <ldap> element. For example, If you have external LDAP provider and Default Authenticator  in you WebLogic security realm then  you would see two <LDAP> element with the corresponding name 

 

 

govindan Enable LibOVD : LDAP users are not visible in em and BPM workspace
Connect me

Govind

Thank you for visiting my personal blog. Myself Govindan, Software Developer by profession since 2006 and hence I started this blog early in 2016 and ever since I've been writing about technologies experienced and learnings of everyday life.

The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.

Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply šŸ™‚
govindan Enable LibOVD : LDAP users are not visible in em and BPM workspace
Connect me
By | 2017-02-27T21:37:03+00:00 February 25th, 2017|Categories: BPM, WebLogic|Tags: , , |0 Comments
Like us on Facebook.
Connect!