Wednesday, December 08, 2010

How to add LDAP users to a UCM role

 Usually, when integrating with an LDAP server you will manage all memberships of users by mapping LDAP groups to UCM roles or accounts.

However, sometimes you don't have control over LDAP to create and modify the roles you need in your UCM application. In 11g there one easy way to do this is to modify the user's type to "Local" allowing you to add the user in to the UCM roles via the old User Applet, check this Oracle blog for more info (https://blogs.oracle.com/kyle/entry/mixed_authentication_and_autho) ...


Alternatively or for older versions like 10g you can use the Extended User Attributes to query and modify user's memberships. You need the Extended User Attributes component, you can find it as part of the CS10gR35UpdateBundle patch. After installing the component, you can add or remove access using the Extended User Attributes Services you can find some information in the Oracle documentation (http://download.oracle.com/docs/cd/E14571_01/doc.1111/e11011/c12_extuserattr002.htm )

Here is a simple example of how to query the external users access:

Parameter received (dName): <!--$dName--><br />

<body>



dName: <!--$dName-->

<br>

Date:<!--$ dateCurrent() -->



<table border=1>

 <tr>

   <td><b>User</b></td>

   <td><b>Application</b></td>

   <td><b>Access</b></td>

  </tr>

  <!--$executeService("QUERY_EXTENDED_USER_ATTRIBUTES")-->

  <!--$loop ExtUserAttribInfo -->

  <tr>

   <td><!--$dUserName--></td>

   <td><!--$dApplication--></td>

   <td><!--$AttributeInfo--></td>

  </tr>

 <!--$endloop-->

<table>


</body>

Posted by Homer at 10:59 AM

Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)