Skip Headers
Oracle® Access Manager Installation Guide
10g (10.1.4.3)

Part Number E12493-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

What's New in Oracle Access Manager

This section describes new features of the Oracle Access Manager release 10.1.4. This includes details for 10g (10.1.4.0.1), 10g (10.1.4.2.0), and 10g (10.1.4.3).

The following sections are included:

Note:

For a comprehensive list of all new features and functions in Oracle Access Manager 10.1.4, and a description of where each is documented, see the chapter on what's new in the Oracle Access Manager Introduction.

Product and Component Name Changes

The original product name, Oblix NetPoint, has changed to Oracle Access Manager. Most component names remain the same. However, there are several important changes that you should know about, as shown in the following table:

Item Was Is
Product Name Oblix NetPoint

Oracle COREid

Oracle Access Manager
Product Name Oblix SHAREid

NetPoint SAML Services

Oracle Identity Federation
Product Name OctetString Virtual Directory Engine (VDE) Oracle Virtual Directory
Product Name BEA WebLogic Application Server

BEA WebLogic Portal Server

Oracle WebLogic Server

Oracle WebLogic Portal

Product Release Oracle COREid 7.0.4 Also available as part of Oracle Application Server 10g Release 2 (10.1.2).
Directory Name COREid Data Anywhere Data Anywhere
Component Name COREid Server Identity Server
Component Name Access Manager Policy Manager
Console Name COREid System Console Identity System Console
Identity System Transport Security Protocol NetPoint Identity Protocol Oracle Identity Protocol
Access System Transport Protocol NetPoint Access Protocol Oracle Access Protocol
Administrator NetPoint Administrator

COREid Administrator

Master Administrator
Directory Tree Oblix tree Configuration tree
Data Oblix data Configuration data
Software Developer Kit Access Server SDK

ASDK

Access Manager SDK
API Access Server API

Access API

Access Manager API
API Access Management API

Access Manager API

Policy Manager API
Default Policy Domains NetPoint Identity Domain

COREid Identity Domain

Identity Domain
Default Policy Domains NetPoint Access Manager

COREid Access Manager

Access Domain
Default Authentication Schemes NetPoint None Authentication

COREid None Authentication

Anonymous
Default Authentication Schemes NetPoint Basic Over LDAP

COREid Basic Over LDAP

Oracle Access and Identity Basic Over LDAP
Default Authentication Schemes NetPoint Basic Over LDAP for AD Forest

COREid Basic Over LDAP for AD Forest

Oracle Access and Identity for AD Forest Basic Over LDAP
Access System Service AM Service State

Policy Manager API Support Mode

Access Management Service

Note: Policy Manager API Support Mode and Access Management Service are used interchangeably.


All legacy references in the product or documentation should be understood to connote the new names.

Enhancements Available in 10g (10.1.4.3)

Included in this release are new enhancements and bug fixes for 10g (10.1.4.3) in addition to all fixes and enhancements from 10g (10.1.4.2.0) bundle patches through BP07. The following topics describe 10g (10.1.4.3) enhancements described in this book:

See Also:

Oracle Access Manager Introduction for a list of all new features and functions

10g (10.1.4.3) Installers, Patches, Bundle Patches, and Newly Certified Agents

New information is provided on Oracle Access Manager 10g (10.1.4.3) packages, as follows:

Installation Packages: 10g (10.1.4.3) component installers that you can use for a fresh installation only are delivered on media and Oracle Technology Network. However, you cannot use 10g (10.1.4.3) installers to upgrade an earlier Oracle Access Manager installation.

See Also:

Patch Set Packages: A new topic has been added for patch sets. 10g (10.1.4.3) patch set packages will be provided on My Oracle Support (formerly MetaLink).

See Also:

Bundle Patches: A new topic has been added to explain bundle patches and their use.

See Also:

Newly Certified Agents: A new topic has been added to explain newly certified agents and how to get these.

See Also:

Access Manager SDK Support for .NET

As in earlier releases, Oracle Access Manager 10g (10.1.4.3) provides an SDK for Windows that supports .NET Framework 1.1 and Microsoft Visual Studio 2002. The installer is available on Oracle Technology Network.

Additionally, a new SDK for Windows is available for AccessGate development. This new SDK provides .NET 2 support and uses Microsoft Development Environment (MSDE) 2005, including NET Framework 2 and MSDE Visual Studio 2005.

See Also:

"Obtaining the Latest Installers"

Multi-Language Deployments and English Only Messages

Oracle Access Manager 10g (10.1.4.3) provides new Language Pack installers. 10g (10.1.4.3) Language Packs are required in any 10g (10.1.4.3) deployment, whether it is a fresh installation or an upgraded and patched deployment.

See Also:

Messages added for minor releases (10g (10.1.4.2.0) and 10g (10.1.4.3) as a result of new functionality might not be translated and can appear in only English.

Native POSIX Thread Library (NPTL) for Linux

Earlier releases of Oracle Access Manager for Linux used the LinuxThreads library only. Using LinuxThreads required that you set the environment variable LD_ASSUME_KERNEL, which is used by the dynamic linker to decide what implementation of libraries is used. When you set LD_ASSUME_KERNEL to 2.4.19 the libraries in /lib/i686 are used dynamically.

RedHat Linux v5 and later releases support only Native POSIX Thread Library (NPTL), not LinuxThreads. To accommodate this change, Oracle Access Manager 10g (10.1.4.3) is compliant with NPTL specifications. However, LinuxThreads is used by default for all except Oracle Access Manager Web components for Oracle HTTP Server 11g.

Note:

On Linux, Oracle Access Manager Web components for OHS 11g use only NPTL; you cannot use the LinuxThreads library. In this case, do not set the environment variable LD_ASSUME_KERNEL to 2.4.19.

See Also:

Oracle Internet Directory

Tuning for Oracle Internet Directory has been expanded for various Oracle Internet Directory releases.

See Also:

"Tuning for Oracle Internet Directory"

Oracle Internet Directory schema for the orclrole objectclass does not follow RFC 2256. As a result, when Oracle Access Manager is configured with Oracle Internet Directory, this schema discrepancy in Oracle Internet Directory causes issues in the objectclass configuration of Oracle Access Manager.

Also, Oracle Internet Directory LDAP tools have been modified to disable the less secure options -w password and -P password when the environment variable LDAP_PASSWORD_PROMPTONLY is set to TRUE or 1.

See Also:

"Oracle Internet Directory Schema"

Oracle Virtual Directory

inetOrgPerson and groupOfUniqueNames for user and group object classes are required when Oracle Access Manager is configured for Oracle Virtual Directory.

See Also:

Chapter 10, "Setting Up Oracle Access Manager with Oracle Virtual Directory"

The LDIF that is created using obmigrateDN is stored in a different path.

See Also:

Table 10-9, "Contents of the DN Conversion Toolkit for Oracle Access Manager"

Platform Support

Oracle continually certifies Oracle Access Manager support with various third-party platforms, Web server releases, directory server releases, and applications. For the latest support details, see the certification matrix that is available at:

http://www.oracle.com/technology/products/id_mgmt/coreid_acc/pdf/oracle_access_manager_certification_10.1.4_r3_matrix.xls

See Also:

"Confirming Certification Requirements"

Certain Oracle Access Manager Web server-specific packages will not be available with the initial release of 10g (10.1.4.3).

See Also:

"Web Server-Specific Packages"

Security-Enhanced Linux (SELinux)

SELinux is delivered with Oracle Enterprise Linux. SELinux modifications provide a variety of security policies through the use of Linux Security Modules (LSM) within the Linux kernel. SELinux requires performing additional steps after installing Oracle Access Manager Web components and before starting the associated Web server. This applies to all supported Linux versions that have SELinux.

See Also:

Topics on SELinux in Chapter 2, "Preparing for Installation" and Appendix E, "Troubleshooting Installation Issues"

Troubleshooting Tip for Novell eDirectory Issue

When setting the searchbase to "dc=nc" during browser-based Identity System setup with Novell eDirectory, you must define the CONTAINMENT object under which the "o=Oblix" (oblixconfig) objectclass can exist.

See Also:

"Novell eDirectory Issues"

Troubleshooting Tip for Sun One Directory Server v5 with SSL Enabled

The Sun One Directory Server v5.1 and v5.2 hang when there are more than 60 open SSL connections. You can apply patches to the directory server to eliminate the problem.

See Also:

"Sun One Directory Server v5 SSL Issues"

Troubleshooting Tip for Sun Java Directory Server 6.0

Installing an Identity Server with Sun Java Directory Server 6.0 could result in an error when you are defining directory details.

See Also:

"Sun Java System Directory Server 6.0 and Installation of Identity Server"

Troubleshooting Tip for Sun One Directory Server v6.3

An error occurs when you attempt to load the iPlanet5_oblix_index_add.ldif to a Sun One directory server version 6.3 because the structure of the node changed with v6.3.

See Also:

"Sun One Directory Server 6.3: No such object error"

Updates to Specific Chapters with 10g (10.1.4.2.0)

General product and naming changes have been made throughout this book, as described in "Product and Component Name Changes".

Platform support details have been removed from this book and are now located on Oracle Technology Network (OTN), as described in "Confirming Certification Requirements".

Other updates and changes to specific chapters include the following:

New Features in Oracle Access Manager 10g (10.1.4.0.1)

The features covered in this manual include: