Oracle application software system user.
This user is created to facilitate installation of an upper-layer product on WLS (e.g. SOA, UCM, EM). OracleSystemUser is not a member of any of the default groups or roles so it does not have access to the WLS resources and hence should not be a vulnerability.
The password of the user is same as the password for user weblogic which was created during domain creation. It can be changed from the console.
OracleSystemUser is in the weblogic Defaultauthenticator (which is provided by default), so if you use the LDAP + defaultauthenticator then you don't need to create this user in the LDAP.
If you decide only to use the LDAP, then you will need to use exactly the names mentioned in the documentation (OracleSystemUser / OracleSystemGroup ) See http://docs.oracle.com/cd/E28280_01/install.1111/e13925/configure.htm#INSOA212
If you are configuring the application against an external LDAP server, make sure the following are present in the external LDAP server: