Enable Auto-Provisioning of Users in EM12c

While writing a separate article on EM12c’s Security Authentication, I felt the need to separate out the various parts and pieces which make up the discussion. Rather than have one quite long post, a few smaller ones would make for an easier read.

In this one, I’d like to show you how to enable auto-provisioning for external users in EM12c. Quoting the documentation below, the intent is self explanatory.

“Typically the external LDAP users need to be created in Enterprise Manager before they can log in to the Enterprise Manager console. Auto provisioning removes that requirement by automatically creating the Enterprise Manager user account upon successful authentication of the user the first time he logs on to Enterprise Manager.”

Basically, if the property is not enabled, during the authentication-authorization phase the attempt to log will fail with an “Authentication Failed” message. You would have to dig down quite deep in the EMGC_OMSx Server LDAP logs to find that during the authorization phase the user would not map.

When I first had to do this in version 12.1.0.2.0, I found a neat video that Oracle posted which described the process of LDAP Authentication from start to finish. With respect to my post, the relevant steps are below – these need to be run on each OMS server.


-bash-4.1$ emctl set property -name "oracle.sysman.core.security.auth.autoprovisioning" -value "true"
Oracle Enterprise Manager Cloud Control 12c Release 3
Copyright (c) 1996, 2013 Oracle Corporation. All rights reserved.
SYSMAN password:
Property oracle.sysman.core.security.auth.autoprovisioning for oms p-oem-app02.acme.com:4889_Management_Service has been set to value true
OMS restart is not required to reflect the new property value

Finally, restart all OMS servers and voila!

Hope this helps.

Cheers!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Musings

Things I see and learn!

Thoughts from James H. Lui

If you Care a Little More, Things Happen. Bees can be dangerous. Always wear protective clothing when approaching or dealing with bees. Do not approach or handle bees without proper instruction and training.

bdt's oracle blog

Sharing experience (by Bertrand Drouvot)

Frits Hoogland Weblog

IT Technology; Oracle, linux, TCP/IP and other stuff I find interesting

Vishal desai's Oracle Blog

Just another WordPress.com weblog

%d bloggers like this: