1/49
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Overview
1
Oracle Identity System Administration Interface
1.1
Logging in to Oracle Identity Manager System Administration Console
1.2
Overview of the Oracle Identity Manager System Administration Console
1.2.1
Links
1.2.1.1
Accessibility
1.2.1.2
Sandboxes
1.2.1.3
Help
1.2.1.4
Sign Out
1.2.2
Left and Right Panes
1.2.2.1
Event Management
1.2.2.2
Policies
1.2.2.3
Configuration
1.2.2.4
System Management
1.2.2.5
Upgrade
Part II Policy Administration
2
Managing Approval Policies
2.1
General Guidelines
2.2
Approval Selection Methodologies
2.2.1
Request-Level Methodology
2.2.2
Operation-Level Methodology: Organization-Based Selection
2.2.3
Operation-Level Methodology: Role-Based Selection
2.2.4
Operation-Level Methodology: Application Instance-Based Selection
2.3
Creating Approval Policies
2.4
Searching Approval Policies
2.5
Modifying Approval Policies
2.6
Modifying the Priority of an Approval Policy
2.7
Deleting Approval Policies
3
Managing Access Policies
3.1
Terminologies Used in Access Policies
3.2
Features of Access Policies
3.2.1
Provisioning Options
3.2.2
Revoking or Disabling the Policy
3.2.3
Denying a Resource
3.2.4
Evaluating Policies
3.2.5
Enabling Provisioning Based on Access Policies
3.2.6
Access Policy Priority
3.2.7
Access Policy Data
3.2.8
Provisioning Multiple Instances of the Same Resource via Access Policy by Using Account Discriminator
3.3
Creating Access Policies
3.4
Managing Access Policies
3.5
Provisioning Multiple Instances of the Same Resource via Access Policy
3.5.1
Creating Separate Accounts for the Same User and Same Resource on a Single Target System
3.5.2
Enabling Multiple Account Provisioning
3.5.3
Provisioning Multiple Instances of a Resource to Multiple Target Systems
3.5.4
Limitation of Provisioning Multiple Instances of a Resource via Access Policy
4
Managing Password Policies
4.1
Searching Password Policies
4.2
Creating a Password Policy
4.3
Setting Password Policy Rules
4.4
Deleting a Password Policy
5
Managing Attestation Processes
5.1
About Attestation
5.1.1
Definition of an Attestation Process
5.1.1.1
Attestation Process Control
5.1.2
Components of Attestation Tasks
5.1.2.1
Attestation Inbox
5.1.3
Attestation Request
5.1.4
Delegation
5.1.5
Attestation Lifecycle Process
5.1.5.1
Stage 1: Creation of an Attestation Task
5.1.5.2
Stage 2: Acting on an Attestation Task
5.1.5.3
Stage 3: Processing a Submitted Attestation Task
5.1.6
Attestation Engine
5.1.7
Attestation Scheduled Task
5.1.8
Attestation-Driven Workflow Capability
5.1.9
Attestation E-Mail
5.1.9.1
Notify Attestation Reviewer
5.1.9.2
Notify Delegated Reviewers
5.1.9.3
Notify Process Owner About Declined Attestation Entitlements
5.1.9.4
Notify Process Owner About Reviewers with No E-Mail Defined
5.2
Attestation Process Configuration
5.2.1
Menu Structure
5.2.2
System Control
5.3
Creating Attestation Processes
5.4
Managing Attestation Processes
5.4.1
Editing Attestation Processes
5.4.2
Disabling Attestation Processes
5.4.3
Enabling Attestation Processes
5.4.4
Deleting Attestation Processes
5.4.5
Running Attestation Processes
5.4.6
Managing Attestation Process Administrators
5.4.7
Viewing Attestation Process Execution History
5.5
Using the Attestation Dashboard
5.5.1
Viewing Attestation Request Details
5.5.2
E-Mail Notification
5.5.3
Attestation Grace Period Checker Scheduled Task
Part III Form Management
6
Managing Forms
6.1
Creating Forms By Using the Form Designer
6.2
Searching Forms By Using the Form Designer
6.3
Modifying Forms By Using the Form Designer
6.3.1
Removing or Hiding Form Attributes
7
Configuring Custom Attributes
7.1
Creating a Custom Attribute
7.2
Creating a Custom Child Form
7.3
Creating a Custom Child Form Attribute
7.4
Modifying a Custom Attribute
7.5
Adding a Custom Attribute
7.6
Adding a Custom Attribute to an Application Instance Form
7.6.1
Regenerating View
7.6.2
Updating the Application Instance Form By Using WebCenter Composer
7.7
Moving UDFs from Test to Production
7.7.1
Moving UDFs Added to Catalog Entities
7.7.2
Moving UDFs Added to User Forms
7.7.2.1
Exporting the UDF from the Test Environment
7.7.2.2
Importing the UDF into the Production Environment
7.8
Synchronizing User-Defined Fields Between Oracle Identity Manager and LDAP
7.9
Attribute Definitions
7.10
Creating Cascaded LOVs
Part IV Application Management
8
Managing Application Instances
8.1
Application Instance Architecture and Concepts
8.1.1
Multiple Accounts Per Application Instance
8.1.2
Entitlements
8.1.3
Disconnected Application Instances
8.1.4
Application Instance Security
8.2
Managing Application Instances
8.2.1
Creating Application Instances
8.2.2
Searching Application Instances
8.2.3
Modifying Application Instances
8.2.3.1
Modifying Application Instance Attributes
8.2.3.2
Managing Organizations Associated With Application Instances
8.2.3.3
Managing Entitlements Associated With Application Instances
8.2.4
Deleting Application Instances
8.2.5
Creating and Modifying Forms
8.2.5.1
Creating Forms Associated With Application Instances
8.2.5.2
Modifying Forms Associated With Application Instances
8.2.5.3
Localizing Application Instance Form
8.3
Configuring Application Instances
8.3.1
Configuring Provisioning for Connected Application Instances
8.3.2
Configuring a Resource Object
8.3.3
Configuring IT Resource
8.3.4
Configuring Password Policies for Application Instances
8.4
Developing Entitlements
8.4.1
Available Entitlements and Assigned Entitlements
8.4.2
Entitlement Data Capture Process
8.4.2.1
Capture of Data About Available Entitlements
8.4.2.2
Capture of Data About Assigned Entitlements
8.4.3
Marking Entitlement Attributes on Child Process Forms
8.4.4
Duplicate Validation for Entitlements or Child Data
8.4.5
Configuring Scheduled Tasks for Working with Entitlement Data
8.4.5.1
Entitlement List
8.4.5.2
Entitlement Assignments
8.4.6
Deleting Entitlement
8.4.7
Refreshing the Entitlement List Post Delete for New Entries
8.4.8
Disabling the Capture of Modifications to Assigned Entitlements
8.4.9
Entitlement-Related Reports
8.4.9.1
Entitlement Access List
8.4.9.2
Entitlement Access List History
8.4.9.3
User Resource Entitlement
8.4.9.4
User Resource Entitlement History
9
Managing Disconnected Resources
9.1
Disconnected Resources Architecture
9.2
Managing Disconnected Application Instance
9.2.1
Creating a Disconnected Application Instance
9.2.2
Creating a Disconnected Application Instance for an Existing Disconnected Resource
9.3
Provisioning Operations on a Disconnected Application Instance
9.3.1
Process Form Updates
9.4
Managing Entitlement for Disconnected Resource
9.4.1
Configuring Entitlement Grant
9.4.1.1
Creating a Child Form and Configuring Entitlement Lookup via Form Designer
9.4.1.2
Configuring the Process Task that Invokes the SOA Composite
9.4.2
Configuring for Entitlement Revoke
9.5
Status Changes in Manual Process Task Action
9.6
Customizing Provisioning SOA Composite
9.6.1
Customizing Human Task Assignment via SOA Composer
9.6.2
Customizing by Modifying the Out of the Box Composite
9.7
Troubleshooting Disconnected Resources
10
Managing Lookups
10.1
Searching a Lookup Type
10.2
Creating a Lookup Type
10.3
Modifying a Lookup Type
11
Managing Connector Lifecycle
11.1
Lifecycle of a Connector
11.2
Connector Lifecycle and Change Management Terminology
11.3
Viewing Connector Details
11.4
Installing Connectors
11.4.1
Overview of the Connector Deployment Process
11.4.2
Creating the User Account for Installing Connectors
11.4.3
Installing a Connector
11.5
Defining Connectors
11.6
Cloning Connectors
11.6.1
Guidelines for Cloning a Connector
11.6.2
Cloning a Connector
11.6.3
Postcloning Steps
11.7
Exporting Connector Object Definitions in Connector XML Format
11.8
Upgrading Connectors
11.8.1
Upgrade Use Cases Supported by the Connector Upgrade Feature
11.8.2
Connector Object Changes Supported by the Upgrade Connectors Feature
11.8.2.1
Resource Object Changes
11.8.2.2
Process Definition Changes
11.8.2.3
Resource Object Changes
11.8.2.4
Process Form Changes
11.8.2.5
Lookup Definition Changes
11.8.2.6
Adapter Changes
11.8.2.7
Rule Changes
11.8.2.8
IT Resource Type Changes
11.8.2.9
IT Resource Changes
11.8.2.10
Scheduled Task Changes
11.8.3
What Happens When You Upgrade a Connector
11.8.4
Summary of the Upgrade Procedure
11.8.5
Procedure to Upgrade a Connector
11.8.5.1
Preupgrade Procedure
11.8.5.2
Upgrade Procedure
11.8.5.3
Postupgrade Procedure
11.8.6
Procedure to Upgrade a 9.
x
Connector Version to an ICF Based Connector
11.9
Uninstalling Connectors
11.9.1
Use Cases Supported by the Uninstall Connectors Utility
11.9.2
Overview of the Connector Uninstall Process
11.9.3
Setting Up the Uninstall Connector Utility
11.9.4
Uninstalling Connectors and Removing Connector Objects
11.9.4.1
Uninstalling a Connector
11.9.4.2
Removing Adapters, Lookup Definitions, Resource Objects, and Scheduled Tasks
11.9.4.3
Running the Script to Uninstall Connectors and Connector Objects
11.10
Troubleshooting Connector Management Issues
12
Managing Reconciliation
12.1
Types of Reconciliation
12.1.1
Reconciliation Based on the Object Being Reconciled
12.1.1.1
Trusted Source Reconciliation
12.1.1.2
Account Reconciliation
12.1.1.3
Reconciliation Process Flow
12.1.2
Mode of Reconciliation
12.1.3
Approach Used for Reconciliation
12.2
Managing Reconciliation Events
12.2.1
Searching Events
12.2.1.1
Performing a Simple Search for Events
12.2.1.2
Performing an Advanced Search for Events
12.2.2
Displaying Event Details
12.2.3
Determining Event Actions
12.2.4
Re-evaluating Events
12.2.5
Closing Events
12.2.6
Linking Reconciliation Events
12.2.6.1
Ad Hoc Linking
12.2.6.2
Manual Linking
12.2.6.3
Linking Orphan Accounts
Part V Managing Infrastructure Services
13
Managing Notification Service
13.1
Managing Notification Providers
13.1.1
Using UMS for Notification
13.1.1.1
Enabling Oracle Identity Manager to Use UMS for Notification
13.1.1.2
Applying OWSM Policy to the UMS Web Service
13.1.2
Using SMTP for Notification
13.1.3
Using SOA Composite for Notification
13.1.4
Configuring Custom Notification Provider
13.1.5
Disabling and Enabling Notification Providers
13.2
Managing Notification Templates
13.2.1
Creating a Notification Template
13.2.2
Searching for a Notification Template
13.2.3
Modifying a Notification Template
13.2.4
Deleting a Notification Template
13.2.5
Adding and Removing Locales from a Notification Template
13.2.6
Configuring Notification for a Proxy
13.3
Configuring Default Email Provider
13.4
Configuring SOA Email Notification
13.4.1
Configuring Actionable Email Notification on SOA
13.4.2
Troubleshooting SOA Email Notification
13.5
Disabling Email Notification
13.6
Testing Notification Configuration
13.6.1
Testing UMS Email Notification
13.6.2
Testing SMTP Connectivity
14
Managing the Scheduler
14.1
Configuring the oim-config.xml File
14.2
Starting and Stopping the Scheduler
14.3
Scheduled Tasks
14.3.1
Predefined Scheduled Tasks
14.3.2
LDAP Scheduled Tasks
14.3.3
Creating Custom Scheduled Tasks
14.4
Jobs
14.4.1
Creating Jobs
14.4.2
Searching Jobs
14.4.2.1
Performing a Simple Search for Jobs
14.4.2.2
Performing an Advanced Search for Jobs
14.4.3
Viewing Jobs
14.4.4
Modifying Jobs
14.4.5
Disabling and Enabling Jobs
14.4.6
Starting and Stopping Jobs
14.4.7
Deleting Jobs
15
Managing System Properties
15.1
System Properties in Oracle Identity Manager
15.2
Creating and Managing System Properties
15.2.1
Creating System Properties
15.2.2
Purging Cache
15.2.3
Searching for System Properties
15.2.3.1
Performing a Simple Search
15.2.3.2
Performing an Advanced Search
15.2.4
Modifying System Properties
15.2.5
Deleting System Properties
Part VI Requests
16
Managing the Access Request Catalog
16.1
Access Request Catalog
16.1.1
Access Request Challenges
16.1.2
Concepts
16.1.3
Catalog Use cases
16.2
About the Access Request Catalog
16.2.1
Features and Benefits
16.2.2
Architecture
16.3
Administering the Access Request Catalog
16.3.1
Pre-requisites
16.3.1.1
Setting up the Catalog System Administrator
16.3.1.2
Defining the Catalog Metadata
16.3.2
Common Tasks
16.3.2.1
Onboard Applications and Roles
16.3.2.2
Bootstrapping the Catalog
16.3.2.3
Ongoing Synchronization
16.3.2.4
Enrich the Catalog
16.3.2.5
Managing Catalog Items
16.3.3
Database Best Practices for Access Request Catalog
16.3.3.1
One-Time Optimizations for Oracle Text Index
16.3.3.2
Text Index Optimization
16.4
Managing the Lifecycle of the Catalog
16.4.1
Overview of Catalog Customization
16.4.2
Test to Production procedures for Catalog customizations
16.4.2.1
Exporting using the Sandbox and Deployment Manager
16.4.2.2
Importing Using the Deployment Manager and Sandbox
16.4.3
Limitations of the Test to Production procedures
16.5
Troubleshooting
16.5.1
Catalog synchronization issues
16.5.2
Catalog security issues
16.5.3
Catalog Search Issues
Part VII Auditing and Reporting
17
Configuring Auditing
17.1
Overview
17.1.1
Auditing Design Components
17.1.2
Profile Auditing
17.1.3
Standard and Customized Reports
17.2
User Profile Auditing
17.2.1
Data Collected for Audits
17.2.1.1
Capture of User Profile Audit Data
17.2.1.2
Storage of Snapshots
17.2.1.3
Trigger for Taking Snapshots
17.2.2
Post-Processor Used for User Profile Auditing
17.2.3
Tables Used for User Profile Auditing
17.2.4
Archival
17.3
Role Profile Auditing
17.3.1
Data Collected for Audits
17.3.1.1
Capture and Archiving of Role Profile Audit Data
17.3.1.2
Storage of Snapshots
17.3.1.3
Trigger for Taking Snapshots
17.4
Enabling and Disabling Auditing
17.4.1
Disabling Auditing
17.4.2
Enabling Auditing
18
Using Reporting Features
18.1
Reporting Features
18.2
Starting Oracle Identity Manager Reports
18.3
Running Oracle Identity Manager Reports
18.4
Supported Output Formats
18.5
Reports for Oracle Identity Manager
18.5.1
Access Policy Reports
18.5.1.1
Access Policy Details
18.5.1.2
Access Policy List by Role
18.5.2
Attestation, Request, and Approval Reports
18.5.2.1
Approval Activity
18.5.2.2
Attestation Process List
18.5.2.3
Attestation Request Details
18.5.2.4
Attestation Requests by Process
18.5.2.5
Attestation Requests by Reviewer
18.5.2.6
Request Details
18.5.2.7
Request Summary
18.5.2.8
Task Assignment History
18.5.3
Role and Organization Reports
18.5.3.1
Role Membership History
18.5.3.2
Role Membership Profile
18.5.3.3
Role Membership
18.5.3.4
Organization Details
18.5.3.5
User Membership History
18.5.4
Password Reports
18.5.4.1
Password Expiration Summary
18.5.4.2
Password Reset Summary
18.5.4.3
Resource Password Expiration
18.5.5
Resource and Entitlement Reports
18.5.5.1
Account Activity In Resource
18.5.5.2
Delegated Admins and Permissions by Resource
18.5.5.3
Delegated Admins by Resource
18.5.5.4
Entitlement Access List
18.5.5.5
Entitlement Access List History
18.5.5.6
Financially Significant Resource Details
18.5.5.7
Fine Grained Entitlement Exceptions By Resource
18.5.5.8
Orphaned Account Summary
18.5.5.9
Resource Access List History
18.5.5.10
Resource Access List
18.5.5.11
Resource Account Summary
18.5.5.12
Resource Activity Summary
18.5.5.13
Rogue Accounts By Resource
18.5.5.14
User Resource Access History
18.5.5.15
User Resource Access
18.5.5.16
User Resource Entitlement
18.5.5.17
User Resource Entitlement History
18.5.6
User Reports
18.5.6.1
User Profile History
18.5.6.2
User Summary
18.5.6.3
Users Deleted
18.5.6.4
Users Disabled
18.5.6.5
Users Unlocked
18.5.7
Best Practices for Running Oracle Identity Manager Reports
18.6
Exception Reports
18.7
Creating Reports Using Third-Party Software
18.8
Required Scheduled Tasks for BI Publisher Reports
19
Using the Archival Utilities
19.1
Using the Reconciliation Archival Utility
19.1.1
Understanding the Reconciliation Archival Utility
19.1.2
Prerequisite for Running the Reconciliation Archival Utility
19.1.3
Archival Criteria
19.1.4
Running the Reconciliation Archival Utility
19.1.5
Log File Generated by the Reconciliation Archival Utility
19.2
Using the Task Archival Utility
19.2.1
Understanding the Task Archival Utility
19.2.2
Preparing Oracle Database for the Task Archival Utility
19.2.3
Running the Task Archival Utility
19.2.4
Reviewing the Output Files Generated by the Task Archival Utility
19.3
Using the Requests Archival Utility
19.3.1
Understanding the Requests Archival Utility
19.3.2
Prerequisites for Running the Requests Archival Utility
19.3.3
Input Parameters
19.3.4
Running the Requests Archival Utility
19.3.5
Log Files Generated by the Utility
19.4
Using the Audit Archival and Purge Utility
19.4.1
Overview
19.4.2
Prerequisites for Using the Utility
19.4.3
Preparing the UPA Table for Archival and Purge
19.4.4
Archiving or Purging the UPA Table
19.4.4.1
Partitions That Must Not Be Archived or Purged
19.4.4.2
Ongoing Partition Maintenance
19.4.4.3
Archiving or Purging Partitions in the UPA Table
Part VIII Diagnostics and Troubleshooting
20
Configuring Logging
20.1
Logging in Oracle Identity Manager By Using ODL
20.1.1
Message Types and Levels
20.1.2
Log Handler and Logger Configuration
20.1.3
Configuring Log Handlers
20.1.3.1
Log Handler Configuration Tools
20.1.4
Configuring Loggers
20.1.5
Sample ODL Log Output
20.2
Logging in Oracle Identity Manager By Using log4j
20.2.1
Log Levels
20.2.2
Loggers
20.2.3
Configuring and Enabling Logging
20.3
Setting Warning State
21
Managing Asynchronous Execution
21.1
Overview of AsyncService
21.2
Async Routing and Configuration
21.2.1
Configuration Parameters
21.3
Troubleshooting Failed Async Tasks
21.3.1
Automated Retry Error Handling Mechanism
21.3.2
Manual Retry Error Handling Mechanism
21.4
Working with the Diagnostic Dashboard UI
21.4.1
Starting the Diagnostic Dashboard UI
21.4.2
Viewing Failed Async Tasks
21.4.2.1
To view failed async tasks
21.4.3
Retrying Failed Async Tasks
21.4.3.1
To retry failed Async task
21.4.4
Resubmitting Failed Async Tasks
21.4.5
Purging Failed Async Tasks
21.4.5.1
To purge failed Async tasks
22
Using Enterprise Manager for Managing Oracle Identity Manager Configuration
22.1
Using MBeans for Configuration Changes
22.2
Exporting and Importing Configuration Files
23
Setting the Language for Users
24
Working with the Diagnostic Dashboard
24.1
Overview of the Diagnostic Dashboard
24.2
Installing the Diagnostic Dashboard
24.2.1
Installing the Diagnostic Dashboard on Oracle WebLogic Server
24.3
Starting the Diagnostic Dashboard
24.4
Using the Diagnostic Dashboard
24.5
Running Tests By Using the Diagnostic Dashboard
24.5.1
Oracle Database Prerequisites Check
24.5.2
Database Connectivity Check
24.5.3
Account Lock Status
24.5.4
Data Encryption Key Verification
24.5.5
Scheduler Service Status
24.5.6
Remote Manager Status
24.5.7
JMS Messaging Verification
24.5.8
Target System SSL Trust Verification
24.5.9
Java VM System Properties Report
24.5.10
Oracle Identity Manager Libraries and Extensions Version Report
24.5.11
Oracle Identity Manager Libraries and Extensions Manifest Report
24.5.12
Test Basic Connectivity
24.5.13
Test Provisioning
24.5.14
Test Reconciliation
24.5.15
SOA-Oracle Identity Manager Configuration Check
24.5.16
Request Diagnostic Information
24.5.17
Orchestration Status
24.5.18
Retry Failed Orchestration
24.5.19
SPML Web Service
24.5.20
Test OWSM Setup
24.5.21
Test SPML to Oracle Identity Manager Request Invocation
24.5.22
SPML Attributes to Oracle Identity Manager Attributes
24.5.23
Username Test
24.5.24
Diagnose Creation of User and Role in Oracle Identity Manager and LDAP
24.5.25
Diagnose LDAP Reserve Container
24.5.26
Validate Recon Profile
24.5.27
Notification Configuration Test
25
Enabling Diagnostics
25.1
Enabling Diagnostics in Oracle Identity Manager
25.2
Troubleshooting Dynamic Configuration-Related Problems
25.2.1
Roles in Oracle Identity Manager and Identity Store in Inconsistent State
25.2.2
Postenablement of the oamEnabled Flag Causes Issues
25.2.3
Run-time Evaluation of LDAP Containers Defined in LDAPContainerRules.xml
26
Handling Errors
Part IX Additional Components
27
Installing and Configuring a Remote Manager
27.1
Overview of the Remote Manager Configuration
27.2
Configuring the Remote Manager
27.2.1
Adding the Trust Relation
27.2.2
Configuring the Remote Manager by Using Your Own Certificate
27.2.3
Testing the Remote Manager Connection
27.2.4
Updating the xlconfig.xml File to Change the Port for Remote Manager
27.3
Stopping and Starting the Remote Manager
27.4
Troubleshooting Remote Manager
28
Using the Form Version Control Utility
28.1
Use Cases Supported by the FVC Utility
28.2
Use Cases That Are Not Supported by the FVC Utility
28.3
Summary of the Form Version Control Process
28.4
Components of the FVC Utility
28.5
Using the FVC Utility
28.5.1
Preparing the Properties File
28.5.2
Addressing Prerequisites for Using the FVC Utility
28.5.3
Running the Utility
28.6
Troubleshooting
29
Starting and Stopping Servers
29.1
Configuring the Node Manager
29.2
Starting the Node Manager
29.3
Starting or Stopping WebLogic Administration Server
29.4
Starting or Stopping WebLogic Managed Servers
29.4.1
Starting or Stopping the Managed Servers By Using Command Prompt
29.4.2
Starting or Stopping the Managed Server By Using Oracle Enterprise Manager Fusion Middleware Control
29.4.3
Starting or Stopping Servers By Using Oracle WebLogic Server Administration Console
30
Enabling Secure Cookies
31
Integrating with Other Oracle Components
31.1
Oracle Access Manager
31.2
Oracle Adaptive Access Manager
31.3
Oracle Identity Analytics
31.3.1
Integration Configuration in Oracle Identity Analytics
31.3.2
Integration Configuration in Oracle Identity Manager
31.3.2.1
The DataCollectionOperationsIntf API Interface
31.3.2.2
Staging Tables
31.3.2.3
Data Collection Process
31.4
Oracle Identity Navigator
31.5
Oracle Virtual Directory
31.6
Oracle Service-Oriented Architecture
31.7
Oracle Business Intelligence Publisher
32
Handling Lifecycle Management Changes
32.1
URL Changes Related to Oracle Identity Manager
32.1.1
Oracle Identity Manager Database Host and Port Changes
32.1.2
Oracle Virtual Directory Host and Port Changes
32.1.3
Oracle Identity Manager Host and Port Changes
32.1.3.1
Changing OimFrontEndURL in Oracle Identity Manager Configuration
32.1.3.2
Changing backOfficeURL in Oracle Identity Manager Configuration
32.1.4
BI Publisher Host and Port Changes
32.1.5
SOA Host and Port Changes
32.1.6
OAM Host and Port Changes
32.2
Password Changes Related to Oracle Identity Manager
32.2.1
Changing Oracle WebLogic Administrator Password
32.2.2
Changing Oracle Identity Manager Administrator Password
32.2.3
Changing Oracle Identity Manager Database Password
32.2.4
Changing Oracle Identity Manager Passwords in the Credential Store Framework
32.2.5
Changing OVD Password
32.2.6
Changing Oracle Identity Manager Administrator Password in LDAP
32.2.7
Unlocking Oracle Identity Manager Administrator Password in LDAP
32.3
Configuring SSL for Oracle Identity Manager
32.3.1
Generating Keys
32.3.2
Signing the Certificates
32.3.3
Exporting the Certificate
32.3.4
Importing the Certificate
32.3.5
Enabling SSL for Oracle Identity Manager and SOA Servers
32.3.5.1
Enabling SSL for Oracle Identity Manager
32.3.5.2
Changing OimFrontEndURL to Use SSL Port
32.3.5.3
Changing backOfficeURL to Use SSL Port
32.3.5.4
Changing SOA Server URL to Use SSL Port
32.3.5.5
Configuring SSL for Design Console
32.3.5.6
Configuring SSL for Oracle Identity Manager Utilities
32.3.5.7
Configuring SSL for MDS Utilities
32.3.5.8
Configuring SSL for SPML/Callback Domain
32.3.6
Enabling SSL for Oracle Identity Manager DB
32.3.6.1
Setting Up DB in Server-Authentication SSL Mode
32.3.6.2
Creating KeyStores and Certificates
32.3.6.3
Updating Oracle Identity Manager
32.3.6.4
Updating WebLogic Server
32.3.7
Enabling SSL for LDAP Synchronization
32.3.7.1
Enabling OVD-OID with SSL
32.3.7.2
Updating Oracle Identity Manager for OVD Host/Port
33
Managing Identity and Resource Information
33.1
Overview of User Management
33.2
Managing Organization Information
33.3
Viewing Resources Allowed or Disallowed for Users
33.3.1
Policy History Tab
33.4
Assigning Role Entitlements
34
Securing a Deployment
Part X Appendixes
A
Configuring SSO Providers for Oracle Identity Manager
A.1
Enabling Oracle Identity Manager to Work With OpenSSO
A.1.1
Prerequisites
A.1.2
Integrating Oracle Identity Manager with OpenSSO
A.1.3
Running Validation Tests to Verify the Configuration
A.2
Enabling Oracle Identity Manager to Work With IBM Tivoli Access Manager
A.2.1
Prerequisites
A.2.2
Integrating Oracle Identity Manager with IBM Tivoli Access Manager
A.2.3
Running Validation Tests to Validate the Configuration
A.3
Enabling Oracle Identity Manager to Work With CA SiteMinder
A.3.1
Prerequisites
A.3.2
Integrating Oracle Identity Manager with CA SiteMinder
A.3.3
Running Validation Tests to Validate the Configuration
A.4
Configuring SSO for XIMDD
Index
Scripting on this page enhances content navigation, but does not change the content in any way.