External Auth Problems w/LDAP

Rich or Paul,
I have turned on the LDAP authentication. It seems to work great. We have been very happy with this. However, I have one user that cannot login. This one person gets the following message.
There is an error in the setup of the external authentication mechanism. Please contact the administrator to make sure the external repository is setup appropriately. (WWC-41655)
My user account exists in the same container as this user. We have checked that the password is not expired, that the grace login are not to zero.
Can you give me some help on what might be happening with this user?
Thanks,
Mark

Mark,
Do a command line ldapsearch for this user, using the same search root and search DN that you specified in ssoldap.sql. This will show you what the login server is getting when it is trying to do the search to get the user's DN for bind checking.
My guess is that for that particular user, you are not getting a unique hit, and the "DN mapping" is failing, hence the error message that is warning you that the requirements for the external authentication module are not being met. We require that you define a search root and unique attribute such that you will only get a unique hit when you search for a users ssousername on the specified attribute under that search root.
Let us know what you find.
Oh, if you need the ldapsearch syntax, it would be something like ...
ldapsearch -h hostname -p port -D bind_dn -w bind_password -b search_base -s sub filter
For example, searching on my LDAP server at ats-labgues19.us.oracle.com, I provide the following:
ldapsearch -h ats-labguest19.us.oracle.com -p 389 -D cn=orcladmin -w welcome -b 'cn=Login Server (portal30_sso)' -s sub 'cn=PENCARNA'
And on a unique hit, I get the following:
cn=pencarna, cn=Login Server (portal30_sso)
objectclass=top
objectclass=person
userpassword=03E71AF8A4169D43E3947B69D9CA7547
sn=Encarnacion
cn=pencarna
The first line is the DN that the Login Server will use to attempt the authentication (bind) with the password the user provided to the Login Server.
null

Similar Messages

  • Problem with LDAP in BEA Portal

    Problem with LDAP in BEA Portal
    I have a list of 50 user which should be cerated in portal staging(devlopment) machine and should be transfered to
    production machine using LDAP
    Steps which i followed to create Users
    1.Create User Profile with 2 parameters branch and Role
    2.I have list user in the Xls file with Username,password ,branch and Role
    3.Write a java File which will read the Xls File
    4.The users are created in the staging machine for the portal
    Steps which i followed in LDAP to tranfer the created User form Devlopment to Production
    1.Export the created user from Devlopment (which was moved as .DAT in my local directory)
    2.import the user from local direcory to production machine
    The Users are imported in the production machine with username and password but the role and branch values are empty
    We need a solution for importing the user with role and branch corresponding to each user.
    Thanks in Adv
    Suresh

    In Portal 8.1, user name and password in stored in LDAP where as user profile values are stored in database. That is the reason you are not able to see the user profile values.
    Check once again whether you can see these values through admin tool. In case,it is not(after confirmation again),you might have to use APIs to do this for you incase you dont want to manage through Admin Tool.
    Thanks,
    Prashanth Bhat.

  • Possibly mundane Mini-DVI to VGA into an external monitor problem

    Hi,
    I've had a look over the interwebs regarding my problem and it seems as if it's not unusual to have external monitor problems but I'm not sure if mine is slightly different:
    I had a perfectly working set up with my new Macbook (the white one, '06 model I believe), that was connected to my Hanns-G HU196D monitor via a mini-DVI to VGA adapter, no problems whatsoever. But for a couple of weeks now my Macbook just flickers a light blue colour, with nothing at all on the monitor, and my macbook is unusable until I remove the adapter. I've read about updating firmware but I can't see my desktop once the macbook is connected to the monitor so it's not possible to configure anything. I've read somewhere that my external monitor isn't compatible with this set up, but it was until a couple of weeks ago!
    My Macbook's 4 months old now and since then I've bought a new mini-dvi to vga adapter and a new VGA cable, no connections seem loose on either mini-dvi port or my monitor's vga port.
    Thanks if you can help!
    Jack

    You will need to use a mini Dvi-dvi and a dvi-svideo/rca adapter.
    Joy joy hallelujah.
    Pardon the sarcasm...I just wasted 3 hours of my life trying to sort the issue out.
    Heard a KWORLD PlusTV PCTOTV Converter SA235 USB 2.0 Interface would sort the issue out for under 40$ but it's not Mac.
    Hope that helps.
    ~r

  • External Display Problem with x301

    Hi everybody,
    I have a external display Problem with my x301.
    Ether direct attachment or via Lenovo USB Display Port  Device, the external monitor (22" Benq LCD) starts to flickr after a couple of minutes and the external display shuts off.
    Any ideas on this?
    Thanks a lot
    Chris 

    i have the same problem with X200 and the X200 ultrabay Docking station.
    No idea yet ...

  • Problem wrapping LDAP access

    We're running into problems wrapping C functions that access LDAP in Forte. We are using the Netscape Directory SDK for C (Version 4.0) and have written and compiled C code (on Solaris 2.6) into a shared library that calls out to the Netscape LDAP shared library. The problems arise once they are Forte-wrapped...
    I can see from several status messages that I have within both the C functions and the TOOL code that everything is working as it should, however, Forte locks up upon completing any of the functions, and I sometimes get a "libc internal error - rmutex not held" error message. The multithreaded property for this C project is set to FALSE.
    Any insights/tips would be appreciated...

    Hi Julie,
    You can try to turn on multithreading for your C project (multiThreaded -
    TRUE) and use your Forte wrapper object to synchronize the access to C
    functions (using for example Shared property = IsDefault). Probably, the C
    project is not linked with the thread-safe libc if you are using
    multiThreaded - FALSE.
    Regards,
    Zenon
    -----Original Message-----
    From: Julie Muth [SMTP:MUTHdcjs.state.ny.us]
    Sent: Thursday, September 07, 2000 9:10 AM
    To: Forte-userslists.xpedior.com
    Subject: (forte-users) Problem wrapping LDAP access
    We're running into problems wrapping C functions that access LDAP in
    Forte. We are using the Netscape Directory SDK for C (Version 4.0) and
    have written and compiled C code (on Solaris 2.6) into a shared library
    that calls out to the Netscape LDAP shared library. The problems arise
    once they are Forte-wrapped...
    I can see from several status messages that I have within both the C
    functions and the TOOL code that everything is working as it should,
    however, Forte locks up upon completing any of the functions, and I
    sometimes get a "libc internal error - rmutex not held" error message.
    The multithreaded property for this C project is set to FALSE.
    Any insights/tips would be appreciated...
    For the archives, go to: http://lists.xpedior.com/forte-users and use
    the login: forte and the password: archive. To unsubscribe, send in a new
    email the word: 'Unsubscribe' to: forte-users-requestlists.xpedior.com

  • Serious external drive problems after installing Mavericks

    OK, so now I am seeing multiple external drive problems. Here is my setup: A GTech 4TB drive connected to MacBook Pro via Firewire, formatted of 2 partitions of 2TB each (called GT1 and GT2). This is then daisy chained to two WD drives of 2TB each, called WD1 and WD2.
    After installing Mavericks everything worked fine (in fact I have an amazing speed increase). However, after restarting my machine this morning I have the following issues:
    The GTech is now a single partition called MyBook (obviously a hangover from the WD drives. I suspect the WD drive managment software) with NO data files. Interestingly it shows the following USED 1,106,870,272 bytes (1.11 GB on disk). This suggests that one of the partitions has disapeared completely.
    Whilst WD 1 launces ok, WD 2 causes the Finder to relaunch whenever selected, meaning I can't get to the files. I remember having this problem before when I upgraded to SL, and it having something to do with hidden files that needed to be deleted via the terminal. However, I have searched the web and can't find the solution again.
    Given that WD 1 and 2 are my backups of GT 1 and 2, then I now have a situation where I cannot access my primary or backup files for GT 2. Very impressive - not!
    Can anbody remember the hidden file solution for the finder relaunch?
    Can anybody help me get back my GT1 and 2 partitions (as they have the latest work on them)?

    FIrewire & Thunder bolt drives are having issues with Mavericks, avoid same until a fix is issued if you can.
    many are reporting same, there is a firewire fault and TB HD on external HD from LaCie (Seagate) and from WD especially.
    Technicians are looking into it.
    Until there is resolution, consider setting up a USB ext. Time machine HD.
    Until then consider confining Mavericks use with USB HD.
    Ive tested a very long line of USB HD on Mavericks, all seem fine.
    Recommend anyone DO NOT ATTACH any WD MyBook externals (firewire, thunderbolt or otherwise).     
    I dont have same to test, so I dont know if the problem is in the firmware on the SATA bridge or if its a problem with the WD software

  • Problem accessing LDAP via sqlnet

    Hello,
    I have installed OID 10.1.2 for accessing targets databases in 9.2, with oracle enterprise user, and that run correctly when I access to the taget database in local.
    If I use sqlnet I receive the error 28030!
    If someone have an idea!
    Thanks

    ORA 28030
    Text:     Server encountered problems accessing LDAP directory service
    http://www.oracle.com/technology/products/oid/oidhtml/sec_idm_training/html_masters/handson.htm
    or
    did you see the How to set up Enterprise User Security
    http://www.oracle.com/technology/deploy/security/db_security/howtos/eus-how-to.html
    regards,
    --Olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • [Question!!] How to satisfied security status after External Auth. ??

    Situation :
    I want to do Post Issuance functions on card , the card has personalized , and card
    status is been set to 'Secured'.
    Card Status :
    The Card is in secured status when has perso. from card manufacturer.
    First : External auth.
    External auth. is OK and response no error.
    (APDU 's P1 set to '0x03')
    Second: Try to delete existd applet(ex:VSDC applet) from card.
    According to the Card Spec. , APDUs after secured channel has opened must
    add MAC and encipher , so use first step 's C-MAC value as initial value to caculate
    new MAC and do encipher , then send command to IC Card , it return SW in '0x6982'
    Questions :
    Why it return 'Security level not satisfied' after pass the card ext. auth. ?
    Do I get error in caculate MAC or do Encipher the command ?
    If really got the error in my MAC or cipher step , IC Card check it and return '6982' ,
    is it correct ?
    APDU results are as follows:
    KMC Key = "FDA1DAF3CC95D48C7B891DCA1F7C5769"(Hex dump)
    16 bytes 2Des Key
    Detect Reader :
    0 - [ CASTLES EZ100PU 1 ]
    Send APDU >> 00A4040007A0000000030000
    Response APDU << 6F198408A000000003000000A50D9F6E0640512179100E9F6501FF9000
    Send APDU >> 80CA00CF00
    Response APDU << 00CF0A000049381701100101629000
    Send APDU >> 80500000080000000000000000
    Response APDU << 00004938170110010162010152BD13F4BB10ECF64875DAFF86BF89299000
    -- External Authenticate
    Plantext APDU : 848203000807556D1359960AD3
    IV : 0000000000000000
    C-MAC : 766F793916F59ABD
    APDU After C-MAC : 848203001007556D1359960AD3766F793916F59ABD
    Send APDU >> 848203001007556D1359960AD3766F793916F59ABD
    Response APDU << 9000
    -- Delete Instance AID
    Plantext APDU : 84E40000094F07A0000000031010
    IV : 766F793916F59ABD
    C-MAC : 21E59ADBCE506D20
    APDU After C-MAC : 84E40000114F07A000000003101021E59ADBCE506D20
    APDU After Cipher : 84E40000180CC8DE40AB34AC8C66285D6A2B0B4C5421E59ADBCE506D20
    Send APDU >> 84E40000180CC8DE40AB34AC8C66285D6A2B0B4C5421E59ADBCE506D20
    Response APDU << 6982
    Delete Instance AID fail ! (SW:6982)

    hi! Bennel,
    what kind of your card?

  • Beats audio android app external sound problem.

    Hey guys,
    Recently i downloaded the Beats Audio Android app for my Optimus 2. At first it worked fine, the external sound was good, as well as the headphone output. Very shortly after the external sound became very fuzzy and loud, with the headphone output still working perfectly. The only feature that would play sound without fuzz was speakerphone while in a call. I decided to factory default my phone thinking it would fix the problem, i was already going to do it anyway. Come to find out everything got wiped including beats audio, but the same old external sound problems persisted. I'm not sure how to fix it and it is very annoying and sometimes randomly goes off. Help is greatly appreciated, thanks.
    -Tyler
    Maybe it has something to do with the master volume? Although i'm not sure how to access that either..

    Hello,
    I see that you are having trouble with the beats audio app on your phone. I would suggest that you post your issue here as well for assistance. The link will take you to the android forum for your phone.
    ↙-----------How do I give Kudos?| How do I mark a post as Solved? ----------------↓

  • Aperture 3.5 + Mavericks external storage problems

    Aperture 3.5 + Mavericks external storage problems
    After upgrading to 3.5 and Mavericks, all my projects referencing files stored on NAS show blurry or black and not responding to edit commands. Sometimes Aperture crashes. The projects/photos were okay before upgrade. Also new projects on NAS show blurry or black or fail totally to import photos. If I move the same photos to the local drive, everything is just fine.
    I am using NFS to access the NAS.
    Reading through this forum I found some reports of similar behavior from people storing photos on USB external drives.
    This seems to be only when referencing files located on an external drive. No problems if files are copied to the Aperture library.
    Any similar experience?

    Referenced files on a NAS was always an gray area. While it worked for most users most of the time it wasn;t clear that Apple supported the configuration.
    The Apple documents on Aperture and non-locally attached drives can be read in a number of different ways. Of course the library definitely had to be on a local drive (and even here some users reported success with the library on a NAS) but referenced masters were never explicitly mentioned either way.
    Most users had success with the originals on a NAS but even with earlier version of Aperture and the OS there were always the occasional report of problems. When push-came-to -shove if moving the referenced originals to a local drive fixed the problems there wasn;t much else that could be done.
    Since the release of 3.5 and Mavericks it does appear that referenced originals on a NAS do not work at all in most cases.  The best we can do here, being just users like yourself, is to suggest you contact Apple and try to get through to the Aperture team and see if you can get a definitive answer.
    As for problems with referenced originals on locally connected drives, I'm not aware of any widespread problems. In the few cases I've seen it has come down to some issue with the OP's system.
    Having your whole workflow and setup knocked out from under you like this is really bad, unfortunately there isn't much anyone here can do for this problem.
    regards

  • CE565/CE7325 with MS LDAP Auth - Problem

    Once again seems I am the first one to use a new product. I have a CE565 that I am trying to get to work with MS LDAP. Anyone had any luck doing this? Cisco TAC is having difficult time tracing down problem.
    ce565#sho ldap
    LDAP Configuration:
    LDAP Authentication is enabled
    Allow mode: disabled
    Base DN: DC=domain,DC=com
    Filter: <none>
    Retransmits: 2
    Timeout: 5 seconds
    UID Attribute: uid
    Group Attribute: memberOf
    Administrative DN: <none>
    Administrative Password: <none>
    LDAP version: 3
    LDAP port: 389
    Server Status
    192.168.99.7 primary
    <none> secondary
    ce565#debug authe http
    Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2498 ***pam_ldap: Begin
    Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2502 *** pam_ldap: Got username ralldread
    Apr 24 22:44:56 ce565 http_authmod: _pam_ldap_get_session:1977 *** pam_ldap: Begin
    Apr 24 22:44:56 ce565 http_authmod: _read_config:570 ***pam_ldap: Reading configuration
    Apr 24 22:44:56 ce565 http_authmod: ldap_server_validate:1928 ***pam_ldap: === Host[0] 192.168.99.7 ===
    Apr 24 22:44:56 ce565 http_authmod: ldap_server_isalive:1851 ***pam_ldap: Connecting...
    Apr 24 22:44:56 ce565 http_authmod: ldap_server_isalive:1867 ***pam_ldap: Socket timeout 5
    Apr 24 22:44:56 ce565 http_authmod: ldap_server_isalive:1891 ***pam_ldap: Connected to 192.168.99.7
    Apr 24 22:44:56 ce565 http_authmod: ldap_server_validate:1948 ***pam_ldap: ServerAlive [1] (up=1, down=0)
    Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2508 *** pam_ldap: Got session
    Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2519 *** pam_ldap: Do authentication
    Apr 24 22:44:56 ce565 http_authmod: _get_user_info:1672 *** pam_ldap: Begin user ralldread
    Apr 24 22:44:56 ce565 http_authmod: _connect_anonymously:1059 *** pam_ldap: Host 192.168.99.7
    Apr 24 22:44:56 ce565 http_authmod: _connect_anonymously:1063 *** pam_ldap: Open session
    Apr 24 22:44:56 ce565 http_authmod: _open_session:927 *** pam_ldap: Begin
    Apr 24 22:44:56 ce565 http_authmod: _connect_anonymously:1074 *** pam_ldap: Binding...
    Apr 24 22:44:56 ce565 http_authmod: _get_user_info:1676 *** pam_ldap: Connected anonymously
    Apr 24 22:44:56 ce565 http_authmod: _get_user_info:1699 *** pam_ldap: Filter (uid=ralldread)
    Apr 24 22:44:56 ce565 http_authmod: pam_sm_authenticate:2522 *** pam_ldap: Done authentication FAILURE
    Any thoughts?

    I got it working. I did 2 things. One, I rebuilt the the server to make sure Active Directory was working correctly. Two, I changed the DC=domain to be dc=domain. I havent had a chance to test which one actually fixed it, but here it the config that I am using.
    ce565#sho run
    device mode content-engine
    hostname ce565
    http authentication header 407
    http authentication cache timeout 1
    http authentication cache max-entries 32000
    http proxy incoming 8888
    clock timezone EST -5 0
    ip domain-name demodomain
    https proxy incoming 8888
    interface GigabitEthernet 1/0
    ip address 10.10.220.71 255.255.255.0
    exit
    interface GigabitEthernet 2/0
    shutdown
    exit
    ip default-gateway 10.10.220.1
    primary-interface GigabitEthernet 1/0
    no auto-register enable
    ip name-server 10.10.220.80
    pre-load enable
    pre-load depth-level-default 2
    pre-load resume
    pre-load traverse-other-domains
    pre-load url-list-file ftp://ftpuser:[email protected]/ce-preload.txt
    transaction-logs enable
    transaction-logs log-windows-domain
    transaction-logs archive interval every-hour every 10
    transaction-logs sanitize
    transaction-logs export enable
    transaction-logs export interval every-hour every 10
    transaction-logs export ftp-server 10.10.220.80 ftpuser ftpuser /
    transaction-logs format extended-squid
    username admin password 1 bVmDmMMmZAPjY
    username admin privilege 15
    ldap server base "dc=demodomain"
    ldap server userid-attribute cn
    ldap server host 10.10.220.80 primary
    ldap server administrative-dn "cn=administrator,cn=users,dc=demodomain"
    ldap server administrative-passwd ****
    ldap server active-directory-group enable
    ldap server version 3
    ldap server enable
    authentication login local enable primary
    authentication configuration local enable primary
    url-filter http smartfilter enable
    cdm ip 10.10.220.70
    cms enable

  • Problem configure Ldap realm with multi master Ldap server

    I have a multimaster Directory Server (Ldap) eg: LdapMaster01 & LdapMaster02.
    I configured the realm Ldap:
    realm= myLdapRealm
    class name =com.sun.enterprise.security.auth.realm.ldap.LDAPRealm
    jaas-context = myLdapRealm
    directory = ldap://LdapMaster01:389
    base-dn = ou=my_APP, ou=Applications, dc=devinc, dc=com
    search-bind-dn = cn=Directory Manager
    search-bind-password = 99999999So how can i configure realm to automatically switch to LdapMaster02 when the LdapMaster01 is not up?
    Thanks in advance

    Probably you need an external intelligent
    loadbalancer unit, that receives all requests for an
    DNS like 'LdapMaster' and reroutes the traffic to
    LdapMaster01 or LdapMaster02.
    If one LdapMaster ist not available then the
    loadbalancer is responsible to route all requests
    only to the available server.Thank you very much. :)
    I found other post on the internet about this, and yes, probably the only way is a loadbalancer.
    Another way is to write a custum realm impl that receives the server list and try to connect until an available server is found.

  • EAP-TLS and MS AD auth problem

    Hi,
    I have a problem with an ACS to authenticate users with certificate on MS AD.
    Working things:
    PEAP authentication with the MS AD;
    EAP-TLS authentication with the local DB.
    Not working things:
    EAP-TLS authentication with MS AD.
    Because I'm able to auth users with PEAP on MS AD, I guess my config on MS AD is correct.
    Because I'm able to auth users with certif in EAP-TLS, I guess my certif config is correct.
    So, why it's not working with the combination EAP-TLS and MS AD.
    I receive the error 'External DB Account Restriction'
    Thanks for your help.

    This issue is generally seens when there are multiple domains. Try out this step. Choose Network Connections from the control panel. Right-click the local area connection.Choose Properties. Double-click the TCP/IP option. Choose Advanced at the bottom. Click on DNS at the top. Choose Append these DNS suffixes. Add the FQDN for each domain that ACS authenticates against in the field.

  • MMP Client Certificate Auth problem

    Hi, All!
    I can't configure clients cert auth through MMP. I'm using the most recent release of communicationsuite (7u2) .
    Proxy auth for clear imap using admin settings like StoreAdmin and StoreAdminPass works well.
    MMP for unencrypted IMAP works well too.
    However MMP for clents certificate auth does not work.
    I see the following message in the log
    [19/Dec/2011:11:27:43 +0400] sf240 ImapProxy[1688]: General Alert: dmap_locate_basedn called with baseDN uid=monakhv, ou=people, o=dvatest.ot,o=isp
    [19/Dec/2011:11:27:43 +0400] sf240 ImapProxy[1688]: General Debug: (id 554) User '[email protected]' replay user '[email protected]'
    [19/Dec/2011:11:27:43 +0400] sf240 ImapProxy[1688]: General Error: (id 554) Proxy authentication invalid admin '[email protected]', login as '[email protected]'
    I would appreciate any ideas to recover it.
    Regards, Monk.

    cnewman wrote:
    For the MMP, the MMP's StoreAdmin setting has to exactly match the administrative user. The log error you see:
    This is from my ImapProxyAService.cfg
    default:StoreAdmin admin
    default:StoreAdminPass enz.ZIM137
    [19/Dec/2011:11:27:43 +0400] sf240 ImapProxy[1688]: General Error: (id 554) Proxy authentication invalid admin '[email protected]', login as '[email protected]'
    This is really strange message for me. Some experiment with mail client (Thunderbird) shows that
    one '[email protected]' goes from user ssl certificate email field which is used for auth, another '[email protected]' goes from
    user name field from Thunderbird server settings.
    May be the problem is for mail client configuration?
    Anyway I do not want to provide for users Admins certificate and password!
    Is it possible to configure MMP authorization using user's SSL certificate?
    indicates that the value of the MMP's StoreAdmin setting is something other than '[email protected]', so the request for proxy authentication is denied.
    It seems odd that the authentication id and the authorization id is identical in this case, but I'd have to see the actual AUTH EXTERNAL protocol as well as your StoreAdmin setting to explain further.How can I get AUTH EXTERNAL protocol?

  • Problem in LDAP Authentication

    Hi All,
    Iam new in LDAP.I developed a web application using Form Based Authentication. I deployed the web application in Weblogic R3 Application Server. I want my web application to authenticate using LDAP Users. I configured LDAP V3 in weblogic server. I am getting LDAP users as "orcladmin" and "PUBLIC" through LDAP Authenticator in the console. But when iam authenticating using "orcladmin" in web application, i am unable to authenticate. I defined the principal name "orcladmin" in weblogic.xml. Can any solve my problem or suggest me any link regarding how to design the webapplication to authenticate using LDAP Users or Any tutorial to learn LDAP and use it in the web application. Thanks in Advance for the help.

    If you are using ADF Security, you must do the mapping in the jazn-data.xml by "creating" OCS_PORTAL_USERS role in jazn-data realm, and mapping it to application role CN.
    You should also have something like this in web.xml
    <security-constraint>
            <web-resource-collection>
                <web-resource-name>adfAuthentication</web-resource-name>
                <url-pattern>/adfAuthentication</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                <role-name>valid-users</role-name>
            </auth-constraint>
        </security-constraint>
        <security-role>
            <role-name>valid-users</role-name>
        </security-role>
    {code}
    - and in weblogic.xml
    {code:xml}
    <security-role-assignment>
        <role-name>valid-users</role-name>
        <principal-name>users</principal-name>
      </security-role-assignment>
    {code}
    And, regarding creating users in OID, check out the  [Java API for Oracle Internet Directory|http://lbdwww.epfl.ch/f/teaching/courses/oracle9i/network.920/a96577/oid_java.htm], and search the forums for 'create user in OID' or something similar, you could find some info.
    Pedja                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

Maybe you are looking for