25 Working with the Diagnostic Dashboard

This chapter describes the Diagnostic Dashboard utility shipped with Oracle Identity Manager and contains the following topics:

• Section 25.1, "Overview of the Diagnostic Dashboard"

• Section 25.2, "Installing the Diagnostic Dashboard"

• Section 25.3, "Starting the Diagnostic Dashboard"

• Section 25.4, "Using the Diagnostic Dashboard"

• Section 25.5, "Running Tests By Using the Diagnostic Dashboard"

25.1 Overview of the Diagnostic Dashboard

The Oracle Identity Manager Diagnostic Dashboard is a standalone Web application that runs on your application server. You use this diagnostic tool to validate preinstallation and postinstallation requirements for Oracle Identity Manager.

You must have the appropriate system administrator permissions for your Application Server and Oracle Identity Manager environments to use this tool. You need DBA-level permissions to execute some database-related tests.

Note:

The Diagnostic Dashboard and Oracle Identity Manager must be installed on the same application server.

25.2 Installing the Diagnostic Dashboard

The Diagnostic Dashboard utility is distributed on the installation CD-ROM with the Oracle Identity Manager Installer. It is available as a EAR file in the Diagnostic Dashboard directory on the CD-ROM.

25.2.1 Installing the Diagnostic Dashboard on Oracle WebLogic Server

This section discusses the steps you need to perform to install the Diagnostic Dashboard on Oracle WebLogic Server.

To install the Diagnostic Dashboard on Oracle WebLogic Server:

1. Log in to Oracle WebLogic Administration Console.

2. In the left navigation pane, click Deployments. It lists all the applications deployed on the server.

3. Click Install.

4. Navigate to the location for deploying the EAR file. Typically, the EAR file is located in the following directory:

   OIM_ORACLE_HOME/server/webapp/optional/

5. Select XIMDD.ear from the Current Location panel.

6. Click Next on the Choose targeting style page.

7. Select OimServer (Oracle Identity Manager Server) from the Available targets for XIMDD panel, and click Next.

8. Click Finish. The following message appears:

   All changes have been activated. No restarts are necessary.
   The deployment has been successfully installed.
   

   You can access the Diagnostic Dashboard from the following location:

   http://OIM_server_host_ip:port/XIMDD
   

25.3 Starting the Diagnostic Dashboard

After the Diagnostic Dashboard is deployed, you can access it by using a URL of the following format:

http://OIM_HOST:OIM_PORT/XIMDD

Log into Diagnostic Dashboard with administrator privileges. Click the Diagnostic Dashboard link on the left menu pane to display the Diagnostic Dashboard main page.

The Diagnostic Dashboard utility indicates on which application server the tool is deployed.

25.4 Using the Diagnostic Dashboard

The Diagnostic Dashboard main page includes the sections listed in the following table:

Section	Description
Application Server	Displays the name of the application server
Oracle Identity Manager Installation	Displays installation details such as product version, build number, host, and location of the product
Test Details Test Parameters	Displays the test name and its description Displays the parameters required for testing

To run a test:

1. Select the test by selecting the option on the Diagnostic Dashboard main page.

2. Enter the required parameters.

3. Click Verify to see the result.

   The Diagnostic Dashboard Test Result page is displayed with the status information listed in the following table.

   Test Result	Description
   Result Summary	Shows all the selected tests with icons (pass or fail) indicating the result. The test name is a Web link that allows the user to jump to the result details directly.
   Test Name	Displays the name of the test
   Description	Displays the description of the test
   Input Parameters	Displays the parameters of the test
   Result	Displays the outcome of the test
   Details	Displays details about the outcome of the test

   
   

4. Click Diagnostic Dashboard on the left menu pane or Return to Diagnostic Dashboard to return to the previous test page.

25.5 Running Tests By Using the Diagnostic Dashboard

The following tests are available for different application servers.

• Oracle Database Prerequisites Check

• Database Connectivity Check

• Account Lock Status

• Data Encryption Key Verification

• Scheduler Service Status

• Remote Manager Status

• JMS Messaging Verification

• Target System SSL Trust Verification

• Java VM System Properties Report

• Oracle Identity Manager Libraries and Extensions Version Report

• Oracle Identity Manager Libraries and Extensions Manifest Report

• Test Basic Connectivity

• Test Provisioning

• Test Reconciliation

• SOA-Oracle Identity Manager Configuration Check

• Request Diagnostic Information

• Orchestration Status

• Retry Failed Orchestration

• SPML Web Service

• Test OWSM Setup

• Test SPML to Oracle Identity Manager Request Invocation

• SPML Attributes to Oracle Identity Manager Attributes

• Username Test

• Diagnose Creation of User and Role in Oracle Identity Manager and LDAP

• Diagnose LDAP Reserve Container

• Validate Recon Profile

• Notification Configuration Test

• Diagnose LDAP Connection

• Diagnose OIM Callback Webservice

25.5.1 Oracle Database Prerequisites Check

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
Database Server	Enter the location of the database server.
Port	Enter the port number.
Database Name	Enter the database name (SID).
Oracle Identity Manager Database User Name	Enter the Oracle Identity Manager database user name.
System User Name	Enter the system user name.
System User Password	Enter system user password.

Description: Checks if the specified Oracle Database instance meets the prerequisites for Oracle Identity Manager installation. This test requires SYSTEM permissions.

Result: It displays the following information:

• Necessary permissions for user

• XA support enabled

• JVM enabled

• Oracle version Information

25.5.2 Database Connectivity Check

Prerequisite: None

Description: Run this test to verify whether or not Oracle Identity Manager is able to connect to the database. This test verifies the direct database connection and the J2EE data sources (XA).

Result: It displays the following information:

• Direct database connectivity

• XA execution

25.5.3 Account Lock Status

Prerequisite: The following is the prerequisite for verifying this test:

Prerequisite	Description
User Login	Enter the user name.

Description: Oracle Identity Manager locks an account when there are successive multiple invalid login attempts. This test checks whether or not a specified account is locked.

Result: Checks for locked or unlocked accounts in the database.

25.5.4 Data Encryption Key Verification

Prerequisite: None

Description: The data encryption key in an Oracle Identity Manager installation should be the same as the one used to encrypt the data in the Oracle Identity Manager database. This may not be the case when an Oracle Identity Manager installation is pointed to a database schema created for a different Oracle Identity Manager installation. This can also happen when a database dump from one Oracle Identity Manager installation is imported for a different Oracle Identity Manager installation without copying the corresponding key.

Result: Checks if the database key is present in the Oracle Identity Manager configuration directory.

25.5.5 Scheduler Service Status

Prerequisite: None

Description: Checks the status of the Oracle Identity Manager Scheduler Service running on the server.

Result: Displays the status of the scheduler service.

25.5.6 Remote Manager Status

Prerequisite: None

Description: Reports the status of the Remote Managers that this Oracle Identity Manager installation is set to work with.

Result: Displays the status of the Remote Manager.

25.5.7 JMS Messaging Verification

Prerequisite: None

Description: The purpose of this test is to verify that Oracle Identity Manager will be able to submit a JMS message and process it.

Result: Displays if Oracle Identity Manager is able to submit and process a JMS message.

25.5.8 Target System SSL Trust Verification

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
Target System	Enter the host name.
Port	Enter the port number.
Certificate Store Location	Enter the location for storage.
Certificate Store Password	Enter the password for storage.

Description: Oracle Identity Manager must be set up to trust the target system certificates if the connectivity is over Secure Sockets Layer (SSL). Enter the host name and the port where a target system is listening for SSL connections.

Result: It displays the following information:

• Valid and invalid host and port address

• Trusted certificates

25.5.9 Java VM System Properties Report

Prerequisite: None

Description: Displays all the Java VM system properties.

Result: Displays all the Java VM system properties.

25.5.10 Oracle Identity Manager Libraries and Extensions Version Report

Prerequisite: None

Description: Reports all the versions of the Oracle Identity Manager libraries and extensions.

Result: Displays the versions of the Oracle Identity Manager libraries and extensions.

25.5.11 Oracle Identity Manager Libraries and Extensions Manifest Report

Prerequisite: None

Description: Reports the manifest information of the Oracle Identity Manager libraries and extensions.

Result: Displays the manifest information of the Oracle Identity Manager libraries and extensions.

25.5.12 Test Basic Connectivity

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
IT Resource Type Name	Enter the IT resource type.
IT Resource Instance Name	Enter the IT resource name.

Description: Tests the connection to the target system by using the IT resource for the target system.

Note:

If the specified IT resource type was created when you deployed a predefined connector, then see the Oracle Identity Manager Connector Pack release notes and documentation to determine whether or not this test can be applied for the release of the connector that you deployed.

Result: Displays the results of the connectivity test. If the test fails, then the cause of the error is also displayed.

25.5.13 Test Provisioning

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
IT Resource Type Name	Enter the IT resource type.
IT Resource Instance Name	Enter the IT resource name.

Description: Performs a basic Create User operation on the target system.

Note:

If the specified IT resource type was created when you deployed a predefined connector, then see the Oracle Identity Manager Connector Pack release notes and documentation to determine whether or not this test can be applied for the release of the connector that you deployed.

Result: Displays the results of the provisioning test. Test data created on the target system during the test is deleted at the end of the test.

25.5.14 Test Reconciliation

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
IT Resource Type Name	Enter the IT resource type.
IT Resource Instance Name	Enter the IT resource name.

Description: Performs a basic reconciliation operation on the target system.

Note:

If the specified IT resource type was created when you deployed a predefined connector, then see the Oracle Identity Manager Connector Pack release notes and documentation to determine whether or not this test can be applied for the release of the connector that you deployed.

Result: Displays the results of the reconciliation test. Test data reconciled into Oracle Identity Manager during the test is deleted at the end of the test.

25.5.15 SOA-Oracle Identity Manager Configuration Check

Prerequisite: None

Description: Checks whether the details provided for SOA-wiring are valid or not.

Result: Displays the status for the following tests:

1. Validation for SOA connection with Oracle Identity Manager and authentication of user in SOA

2. Authentication and search of Oracle Identity Manager DB user

25.5.16 Request Diagnostic Information

Prerequisite: The following is the prerequisite for running this test:

Prerequisite	Description
Request ID	Enter the ID of the request for which diagnostic information is required

Description: Provides the orchestration ID and the composite details for the given request ID.

Result: Displays the following information:

1. Orchestration process ID associated with the given request ID.

2. Composite details of the request along with details of approval and process task.

25.5.17 Orchestration Status

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
Process Id	Enter the Id of the orchestration process.

Description: Provides the status of the orchestration process in the Oracle Identity Manager Kernel. It also provides details and status about all the event handlers involved in that process.

Result: Displays the status of the orchestration process as Failed, Completed, or Active.

Figure 25-1 displays the status of the orchestration process, including the events completed and still pending.

Figure 25-1 Sample Output for Orchestration Status Test

Description of "Figure 25-1 Sample Output for Orchestration Status Test"

25.5.18 Retry Failed Orchestration

Prerequisite: The following are the prerequisites for running this test:

Prerequisite	Description
Process Id	Enter the Id of the orchestration process.

Description: Obtains the response that indicates how to handle the failure for the given orchestration process.

Result: Displays the orchestration process in failed state and continues to retry based on the response.

25.5.19 SPML Web Service

Prerequisite: None

Description: Verifies that SPML WSDL is accessible and the Web service is up and running.

Result: Displays the contents of SPML WSDL file.

25.5.20 Test OWSM Setup

Prerequisite: The following are the prerequisites for running this test:

Prerequisites	Description
SPML User Name	Enter user name to be used to run SPML request.
SPML User Password	Enter user password.

Description: Verifies OWSM setup by submitting a request with OWSM header information. This also ensures a valid response is returned by submitting a request with OWSM header set.

Result: Displays the targets supported by the SPML web-service.

25.5.21 Test SPML to Oracle Identity Manager Request Invocation

Prerequisite: The following are the prerequisites for running this test:

Prerequisites	Description
SPML User Name	Enter user name to be used to run SPML request.
SPML User Password	Enter user password.

Description: SPML WS to Oracle Identity Manager is a signature-based login, This test ensures if this is working, by simulating a Oracle Identity Manager request.

Result: Displays whether signature-based login is working fine.

25.5.22 SPML Attributes to Oracle Identity Manager Attributes

Prerequisite: None

Description: Lists all the mapping of SPML attributes to Oracle Identity Manager attributes which helps the administrator to check if the set up is correct.

Result: Displays a table showing the SPML to Oracle Identity Manager attributes mappings:

SPML Attribute Name	Oracle Identity Manager Attribute Name
Number Format	Number Format
localityName	Locality Name
countryName	Country
manager	User Manager
facsimileTelephoneNumber	Fax
generationQualifier	Generation Qualifier
street	Street
state	State
surname	Last Name
Embedded Help	Embedded Help
Territory	FA Territory
organizationUnit	LDAP Organization Unit
givenName	First Name

25.5.23 Username Test

Prerequisite: None

Description: Lists the existing username generation policy defined in Oracle Identity Manager

Result: Displays the policy name.

25.5.24 Diagnose Creation of User and Role in Oracle Identity Manager and LDAP

Prerequisite: The following are the prerequisites for running this test:

Prerequisites	Description
SPML User Name	Enter user name to be used to run SPML request.
SPML User Password	Enter user password.

Description: Verifies the user creation and role creation are working fine in LDAP and Oracle Identity Manager individually.

Result: Displays the status specifying whether user and role creation was successful in Oracle Identity Manager and LDAP.

25.5.25 Diagnose LDAP Reserve Container

Prerequisite: None

Description: Oracle Identity Manager configuration file has the tree structure of reserve container. This test validates that the reserve container was created during the setup.

Result: Displays whether reserve container is created properly.

25.5.26 Validate Recon Profile

Prerequisite: Profile Name

Description: Validates the reconciliation profile XML file.

Result: Displays the profile XML data along with validation status and validation exception, if validation fails.

25.5.27 Notification Configuration Test

Prerequisite: Ensure that the user ID provided is valid in Oracle Identity Manager, and the user has a valid email ID.

Description: Tests the Oracle Identity Manager Notification Service running on this server.

Result: Displays the status of each notification provider, such as UMSEmailServiceProvide, SOAEmailServiceProvider, and EmailServiceProvider.

25.5.28 Diagnose LDAP Connection

Prerequisite: None

Description: Verifies if Oracle Identity Manager is able to connect to the LDAP server.

Result: Displays whether connection to LDAP is working properly.

25.5.29 Diagnose OIM Callback Webservice

Prerequisite: None

Description: Verifies that Oracle Identity Manager Callback WSDL is accessible.

Result: Displays the contents of Oracle Identity Manager Callback WSDL file.