idmUser = factory.createUser(mpSet) - Invalid User Search Base
After re-installing OAS 10g 10.1.2.0.2 I attempted to run my Common Access Card authentication program, but it no worky.
Further investigation revealed the problem occurs when the user registration servlet attempts to create the user in Oracle Internet Directory using a UserFactory object. It complains of an "Invalid User Search Base," which is odd because I can use the same search base from the command line without any problems. I can also search OID from the servlet and find users using the search base. Only the UserFactory object has an issue with it. The debugger output and stack trace look like this:
JndiUserFactory : Realm name : foo
JndiUserFactory : Realm DN : dc=foo,dc=bar,dc=com
JndiUserFactory : orclCommonDefaultUserCreateBase = cn=Users,dc=foo,dc=bar,dc=com
CreateUserHandler : CREATE User -
CreateUserHandler : ModPropertySet:
changetype: modify
add: cn
cn: Heman
-
add: sn
sn: The Master
-
add: uid
uid: Heman
-
CreateUserHandler : User factory control information - App users creation - true
CreateUserHandler : Retrieving all applications for which the user needs to be provisioned...
Configuration : getAllApplication - force read - false
CreateUserHandler : :
oracle.ldap.util.schema.ODISchemaException
at oracle.ldap.util.schema.DIPSchema.getRootContextRootSchemaLocation(DIPSchema.java:603)
at oracle.ldap.util.schema.DIPSchema.resolve(DIPSchema.java:535)
at oracle.ldap.util.schema.DIPSchema.setDirContext(DIPSchema.java:278)
at oracle.ldap.util.schema.DIPSchema.<init>(DIPSchema.java:124)
at oracle.idm.provisioning.configuration.Configuration.initConfig(Configuration.java:390)
at oracle.idm.provisioning.configuration.Configuration.getAllApplications(Configuration.java:222)
at oracle.idm.provisioning.configuration.Configuration.getAllApplications(Configuration.java:197)
at oracle.idm.user.CreateUserHandler.create(CreateUserHandler.java:120)
at oracle.idm.user.JndiUserFactory.createUser(JndiUserFactory.java:292)
Not sure what's going on, but my guess is an OID configuration issue because it worked before I re-installed, and it's working at two other customer installations. My development environment is not the best; I'm forced to install OAS on the same server running an Active Directory domain controller and that is causing other issues. I'm going to try to squeeze an OAS Infrastructure install on another machine, but my hopes are not high. Worst case scenario, I open a Help Desk ticket to have these machines rejoined to the parent domain - I don't really need the Active Directory domain controller anymore since we gave up on using Windows Native Authentication. . .