Active Directory and SOA 11g

. Login to Weblogic Console ( http://host:7001/console) and go to
Security Realms -> myrealm -> Providers

2. Click on "New" to create a new Provider. Let's assume you will call this provider AD.
You must select ActiveDirectoryAuthenticator as provider type.
Click OK.

3. Now , you should have the following list of providers. At this point we need to reorder the provider
list so that AD will be the first one. This step is needed for Worklist application, otherwise you
will not be able to login with the AD users in worklist.

After reordering you should have the following list of providers

4. Click on AD provider and then open the tab Provider Specific .
NOTE : this is an example, you should set the parameters to match your AD configuration.

The rest you can leave unchanged for now. Click Save.

5. Now edit BOTH the AD and the DefaultAuthenticator provider and set
Control Flag: SUFFICIENT

6. Restart Admin and SOA managed server to activate the changes

7. Create a new User in AD - let's call it 'dummy'

8. Look in Weblogic Console at "Users and Groups" in "myrealm" . You should be able to see the new AD user "dummy"

9. Now try to login to worklist (http://host:8001/integration/worklistapp/)
You should be able to login with "dummy" user .

Posted in Labels: , , , |


  1. Anonymous Says:

    In EM FMW control, under SOA -> soa-infra -> SOA Infrastructure -> Administration -> System Mbean Browser -> Application Defined Mbeans - > -> Server - > WorkflowIdentityConfig -> human-workflow -> WorkflowIdentityConfig.ConfigurationType -> select the configuration and rename by invoking the operation setRealmName

  2. sap upgrade testing Says:

    Excellent. You have made this whole process so easy for me. I just followed each step shared above and successfully login with dummy user. Earlier I tried it many times but ended up doing some silly mistakes that I have realized from your post. Thanks.