Configuring OpenDS with Weblogic Server

Download Install and Configure OpenDS.

I used the following LDIF as BASE while installing OpenDS.

dn: dc=oracle,dc=com
dc: oracle
objectClass: domain
objectClass: top

dn: ou=TEST, dc=oracle,dc=com
ou: TEST
objectClass: organizationalUnit
objectClass: top

dn: cn=faisal,ou=TEST, dc=oracle,dc=com
uid: faisal
userPassword:: e1NTSEF9dnhBYUZKRzBONmwzWTdRMHBQRmdiczZrRHd5VUNwWCtCQTdlaHc9PQ
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
givenName: Faisal
sn: Khan
cn: faisal

dn: cn=testuser,ou=TEST, dc=oracle,dc=com
uid: testuser
userPassword:: e1NTSEF9YXpZckZodWpla1FjWUNqcFJDQlRUeFRjOGNPa0NtaTF1a1hqWUE9PQ
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
givenName: testuser
sn: testuser
cn: testuser

dn: cn=TestGroup,ou=TEST, dc=oracle,dc=com
description: TestGroup
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=faisal,ou=TEST,dc=oracle,dc=com
cn: TestGroup

Create an LDAP Authenticator.

Home >Summary of Security Realms >myrealm >Providers > Create New LDAPAuthenticator.


In the Provider Specific Tab provide the following details:

PORT : 1389
Principal : cn=faisal,ou=TEST, dc=oracle,dc=com
User Base DN : ou=TEST, dc=oracle,dc=com
Credentials : XXXXXXXXXXX
Group Base DN : ou=TEST, dc=oracle,dc=com

Leave the rest as default.

Now go to

Home >Summary of Security Realms >myrealm >Providers >Realm Roles
Expand Global Roles -> Expand Roles -> Click on View Role Conditions of the Admin Role -> Click on Add Conditions -> Select User in Predicate List -> Click Next -> In User Argument Name ADD faisal and FINISH -> Click Save

Change the control flag of the Default Authenticator as SUFFICIENT.

Log out and log in as faisal !


<sec:authentication-provider xsi:type=”wls:ldap-authenticatorType”>
<wls:principal>cn=faisal,ou=TEST, dc=oracle,dc=com</wls:principal>
<wls:user-base-dn>ou=TEST, dc=oracle,dc=com</wls:user-base-dn>
<wls:group-base-dn>ou=TEST, dc=oracle,dc=com</wls:group-base-dn>



  1. I’m curious if you ever got this to work with SunDS and MS-AD both configured at the same time?

    1. Hi Vince,

      You can have MS-AD authenticator and SunDS configured at the same time.
      We just need to create two authentication providers.


Comments are closed.