Environment:
Found the solution:
Add this property to the UserStoreManager within user-mgt.xml:
<Property name="UserDNPattern">cn={0},ou=AllUsers,dc=wso,dc=ad,dc=com</Property>
Thus the CN will be properly constructed. Obviously you have to adapt the structure and content of this DN string according to your AD LDAP.
Took me quite a time to find this, for WSO2's manual is a bit misleading re UserDNPattern:
The pattern for user's DN. It can be defined to improve the LDAP search. When there are many user entries in the LDAP, defining a "UserDNPattern" provides more impact on performances as the LDAP does not have to travel through the entire tree to find users.
Sounds like an option, but seems to be necessary.
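
How a pattern like the one above turns a login name into exactly one DN, so the entry can be addressed directly instead of searched for. This is an added example, not code from the post or from WSO2; the function names are hypothetical, and escaping the name per RFC 4514 is an assumption about what a safe expansion should do.

```python
# Added illustration, not WSO2 code. All function names are hypothetical.
PATTERN = "cn={0},ou=AllUsers,dc=wso,dc=ad,dc=com"  # pattern from the post

_SPECIAL = '"+,;<>\\'  # characters RFC 4514 requires to be escaped in a value


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514, section 2.4)."""
    if not value:
        raise ValueError("empty user name")
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _SPECIAL:
            out.append("\\" + ch)
        elif ch == "#" and i == 0:
            out.append("\\#")
        elif ch == " " and i in (0, last):
            out.append("\\ ")
        else:
            out.append(ch)
    return "".join(out)


def expand_user_dn(pattern: str, username: str) -> str:
    """Substitute the escaped user name for the single {0} placeholder."""
    if pattern.count("{0}") != 1:
        raise ValueError("pattern must contain exactly one {0} placeholder")
    return pattern.replace("{0}", escape_rdn_value(username))


def rdn_count(dn: str) -> int:
    """Count RDNs by splitting on unescaped commas only."""
    count, i = 1, 0
    while i < len(dn):
        if dn[i] == "\\":
            i += 2  # skip the escaped character
            continue
        if dn[i] == ",":
            count += 1
        i += 1
    return count


if __name__ == "__main__":
    for name in ("jdoe", "Doe, John", "x,ou=Admins"):  # constructed samples
        dn = expand_user_dn(PATTERN, name)
        print(f"{name!r:16} -> {dn}  ({rdn_count(dn)} RDNs)")
```

Every constructed name yields a DN with the same five RDNs as the pattern, so a comma in the login name cannot move the lookup to a different branch of the tree.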