Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Overview
1
Oracle Identity System Administration Interface
1.1
Logging in to Oracle Identity Manager System Administration Console
1.2
Overview of the Oracle Identity Manager System Administration Console
1.2.1
Links
1.2.1.1
Accessibility
1.2.1.2
Sandboxes
1.2.1.3
Help
1.2.1.4
Sign Out
1.2.2
Left and Right Panes
1.2.2.1
Event Management
1.2.2.2
Certifications
1.2.2.3
Policies
1.2.2.4
Configuration
1.2.2.5
System Management
1.2.2.6
Upgrade
Part II Policy Administration
2
Managing Approval Policies
2.1
Approval Selection Methodologies
2.1.1
Request-Level Methodology
2.1.2
Operation-Level Methodology: Organization-Based Selection
2.1.3
Operation-Level Methodology: Role-Based Selection
2.1.4
Operation-Level Methodology: Application Instance-Based Selection
2.2
Creating Approval Policies
2.3
Searching Approval Policies
2.4
Modifying Approval Policies
2.5
Modifying the Priority of an Approval Policy
2.6
Deleting Approval Policies
2.7
General Guidelines
3
Managing Access Policies
3.1
Terminologies Used in Access Policies
3.2
Features of Access Policies
3.2.1
Provisioning Options
3.2.2
Revoking or Disabling the Policy
3.2.3
Denying a Resource
3.2.4
Evaluating Policies
3.2.5
Access Policy Priority
3.2.6
Access Policy Data
3.2.7
Provisioning Multiple Instances of the Same Resource via Access Policy by Using Account Discriminator
3.3
Creating Access Policies
3.4
Managing Access Policies
3.5
Provisioning Multiple Instances of the Same Resource via Access Policy
3.5.1
Creating Separate Accounts for the Same User and Same Resource on a Single Target System
3.5.2
Enabling Multiple Account Provisioning
3.5.3
Provisioning Multiple Instances of a Resource to Multiple Target Systems
3.5.4
Limitation of Provisioning Multiple Instances of a Resource via Access Policy
4
Managing Password Policies
4.1
Searching Password Policies
4.2
Creating a Password Policy
4.3
Setting Password Policy Rules
4.4
Deleting a Password Policy
5
Managing Attestation Processes
5.1
About Attestation
5.1.1
Definition of an Attestation Process
5.1.1.1
Attestation Process Control
5.1.2
Components of Attestation Tasks
5.1.2.1
Attestation Inbox
5.1.3
Attestation Request
5.1.4
Delegation
5.1.5
Attestation Lifecycle Process
5.1.5.1
Stage 1: Creation of an Attestation Task
5.1.5.2
Stage 2: Acting on an Attestation Task
5.1.5.3
Stage 3: Processing a Submitted Attestation Task
5.1.6
Attestation Engine
5.1.7
Attestation Scheduled Task
5.1.8
Attestation-Driven Workflow Capability
5.1.9
Attestation E-Mail
5.1.9.1
Notify Attestation Reviewer
5.1.9.2
Notify Delegated Reviewers
5.1.9.3
Notify Process Owner About Declined Attestation Entitlements
5.1.9.4
Notify Process Owner About Reviewers with No E-Mail Defined
5.2
Attestation Process Configuration
5.2.1
Menu Structure
5.2.2
System Control
5.3
Creating Attestation Processes
5.4
Managing Attestation Processes
5.4.1
Editing Attestation Processes
5.4.2
Disabling Attestation Processes
5.4.3
Enabling Attestation Processes
5.4.4
Deleting Attestation Processes
5.4.5
Running Attestation Processes
5.4.6
Managing Attestation Process Administrators
5.4.7
Viewing Attestation Process Execution History
5.5
Using the Attestation Dashboard
5.5.1
Viewing Attestation Request Details
5.5.2
E-Mail Notification
5.5.3
Attestation Grace Period Checker Scheduled Task
Part III Identity Certification
6
Managing Identity Certification
6.1
Certification Concepts
6.1.1
Line of Business and Line Item
6.1.2
Certification Task
6.1.3
Certification Object
6.1.4
Certification Definition
6.1.5
Certification Jobs
6.1.6
Closed-Loop Remediation
6.1.7
Remediation Tracking
6.1.8
Event Listener
6.1.9
Certification Authorization
6.2
Configuring Certifications
6.2.1
Prerequisites for Configuring Certifications
6.2.1.1
Marking a Catalog Item as Certifiable
6.2.1.2
Setting the Certifier in the Request Catalog
6.2.1.3
Setting User Manager and Organization Certifier
6.2.1.4
Setting Risk Levels for Individual Entities
6.2.1.5
Tagging Attributes
6.2.1.6
Configuring the Availability of Identity Certification
6.2.1.7
Configuring Reminders, Notifications, Escalations, and Expiry for Certifications (Optional)
6.2.2
Configuring Certification Options in Identity System Administration
6.3
Managing Certification Definitions
6.3.1
Creating Certification Definitions
6.3.1.1
Creating a User Certification Definition
6.3.1.2
Creating a Role Certification Definition
6.3.1.3
Creating an Application Instance Certification Definition
6.3.1.4
Creating an Entitlement Certification Definition
6.3.2
Modifying Certification Definitions
6.3.3
Deleting Certification Definitions
6.4
Scheduling Certifications
6.5
Understanding How Risk Summaries are Calculated
6.5.1
Understanding Item Risk and Risk-Factor Mappings
6.5.1.1
Setting Item Risk
6.5.1.2
Understanding Risk-Level Mappings (Risk Factors)
6.5.2
Understanding Risk Aggregation and Risk Summaries
6.5.3
Understanding How Changing Risk Configuration Values Impacts the System
6.6
Understanding Closed-Loop Remediation and Remediation Tracking
6.6.1
Configuring Challenge Workflows
6.7
Understanding Event Listeners
6.8
Configuring Event Listeners and Certification Event Trigger Jobs
6.8.1
Creating an Event Listener
6.8.2
Modifying an Event Listener
6.8.3
Deleting an Event Listener
6.8.4
Configuring Certification Event Trigger Jobs
6.8.4.1
Setting the Event Listener Name List
6.8.4.2
Adding More Trigger Jobs
6.9
Configuring Certification Reports
6.10
Understanding Multi-Phased Review in User Certification
6.10.1
Multiple Phases of Review
6.10.2
Delegation to Multiple Reviewers Within Each Phase
6.10.3
Stages of Certification in TPAD
6.10.3.1
Phase One With Verification
6.10.3.2
Phase Two With Verification
6.10.3.3
Final Review
6.11
Troubleshooting Identity Certification
Part IV Form Management
7
Managing Forms
7.1
Creating Forms By Using the Form Designer
7.2
Searching Forms By Using the Form Designer
7.3
Modifying Forms By Using the Form Designer
7.3.1
Removing or Hiding Form Attributes
8
Configuring Custom Attributes
8.1
Creating a Custom Attribute
8.2
Creating a Custom Child Form
8.3
Creating a Custom Child Form Attribute
8.4
Modifying a Custom Attribute
8.5
Adding a Custom Attribute
8.5.1
Enabling the Submit Button After Adding a UDF to the Modify User Form
8.6
Adding a Custom Attribute to an Application Instance Form
8.6.1
Regenerating View
8.6.2
Updating the Application Instance Form By Using WebCenter Composer
8.7
Moving UDFs from Test to Production
8.7.1
Moving UDFs Added to Catalog Entities
8.7.2
Moving UDFs Added to User Forms
8.7.2.1
Exporting the UDF from the Test Environment
8.7.2.2
Importing the UDF into the Production Environment
8.8
Synchronizing User-Defined Fields Between Oracle Identity Manager and LDAP
8.9
Attribute Definitions
8.10
Creating Cascaded LOVs
Part V Application Management
9
Managing Application Instances
9.1
Application Instance Architecture and Concepts
9.1.1
Multiple Accounts Per Application Instance
9.1.2
Entitlements
9.1.3
Disconnected Application Instances
9.1.4
Application Instance Security
9.2
Managing Application Instances
9.2.1
Creating Application Instances
9.2.2
Searching Application Instances
9.2.3
Modifying Application Instances
9.2.3.1
Modifying Application Instance Attributes
9.2.3.2
Managing Organizations Associated With Application Instances
9.2.3.3
Managing Entitlements Associated With Application Instances
9.2.4
Deleting Application Instances
9.2.5
Creating and Modifying Forms
9.2.5.1
Creating Forms Associated With Application Instances
9.2.5.2
Modifying Forms Associated With Application Instances
9.2.5.3
Localizing Application Instance Form
9.3
Configuring Application Instances
9.3.1
Configuring Provisioning for Connected Application Instances
9.3.2
Configuring a Resource Object
9.3.3
Configuring IT Resource
9.3.4
Configuring Password Policies for Application Instances
9.4
Developing Entitlements
9.4.1
Available Entitlements and Assigned Entitlements
9.4.2
Entitlement Data Capture Process
9.4.2.1
Capture of Data About Available Entitlements
9.4.2.2
Capture of Data About Assigned Entitlements
9.4.3
Marking Entitlement Attributes on Child Process Forms
9.4.4
Duplicate Validation for Entitlements or Child Data
9.4.5
Configuring Scheduled Tasks for Working with Entitlement Data
9.4.5.1
Entitlement List
9.4.5.2
Entitlement Assignments
9.4.6
Deleting Entitlement
9.4.7
Refreshing the Entitlement List Post Delete for New Entries
9.4.8
Disabling the Capture of Modifications to Assigned Entitlements
9.4.9
Entitlement-Related Reports
9.4.9.1
Entitlement Access List
9.4.9.2
Entitlement Access List History
9.4.9.3
User Resource Entitlement
9.4.9.4
User Resource Entitlement History
10
Managing Disconnected Resources
10.1
Disconnected Resources Architecture
10.2
Managing Disconnected Application Instance
10.2.1
Creating a Disconnected Application Instance
10.2.2
Creating a Disconnected Application Instance for an Existing Disconnected Resource
10.3
Provisioning Operations on a Disconnected Application Instance
10.3.1
Process Form Updates
10.4
Managing Entitlement for Disconnected Resource
10.4.1
Configuring Entitlement Grant
10.4.1.1
Creating a Child Form and Configuring Entitlement Lookup via Form Designer
10.4.1.2
Configuring the Process Task that Invokes the SOA Composite
10.4.2
Configuring for Entitlement Revoke
10.5
Status Changes in Manual Process Task Action
10.6
Customizing Provisioning SOA Composite
10.6.1
Customizing Human Task Assignment via SOA Composer
10.6.2
Customizing by Modifying the Out of the Box Composite
10.7
Troubleshooting Disconnected Resources
11
Managing Lookups
11.1
Searching a Lookup Type
11.2
Creating a Lookup Type
11.3
Modifying a Lookup Type
12
Managing Connector Lifecycle
12.1
Lifecycle of a Connector
12.2
Connector Lifecycle and Change Management Terminology
12.3
Viewing Connector Details
12.4
Installing Connectors
12.4.1
Overview of the Connector Deployment Process
12.4.2
Creating the User Account for Installing Connectors
12.4.3
Installing a Connector
12.4.4
Post Installation Steps
12.5
Defining Connectors
12.6
Cloning Connectors
12.6.1
Guidelines for Cloning a Connector
12.6.2
Cloning a Connector
12.6.3
Postcloning Steps
12.7
Exporting Connector Object Definitions in Connector XML Format
12.8
Upgrading Connectors
12.8.1
Upgrade Use Cases Supported by the Connector Upgrade Feature
12.8.2
Connector Object Changes Supported by the Upgrade Connectors Feature
12.8.2.1
Resource Object Changes
12.8.2.2
Process Definition Changes
12.8.2.3
Resource Object Changes
12.8.2.4
Process Form Changes
12.8.2.5
Lookup Definition Changes
12.8.2.6
Adapter Changes
12.8.2.7
Rule Changes
12.8.2.8
IT Resource Type Changes
12.8.2.9
IT Resource Changes
12.8.2.10
Scheduled Task Changes
12.8.3
What Happens When You Upgrade a Connector
12.8.4
Summary of the Upgrade Procedure
12.8.5
Procedure to Upgrade a Connector
12.8.5.1
Preupgrade Procedure
12.8.5.2
Upgrade Procedure
12.8.5.3
Postupgrade Procedure
12.8.6
Procedure to Upgrade a 9.x Connector Version to an ICF Based Connector
12.9
Uninstalling Connectors
12.9.1
Use Cases Supported by the Uninstall Connectors Utility
12.9.2
Overview of the Connector Uninstall Process
12.9.3
Setting Up the Uninstall Connector Utility
12.9.4
Uninstalling Connectors and Removing Connector Objects
12.9.4.1
Uninstalling a Connector
12.9.4.2
Removing Adapters, Lookup Definitions, Resource Objects, and Scheduled Tasks
12.9.4.3
Running the Script to Uninstall Connectors and Connector Objects
12.10
Troubleshooting Connector Management Issues
13
Managing Reconciliation
13.1
Types of Reconciliation
13.1.1
Reconciliation Based on the Object Being Reconciled
13.1.1.1
Trusted Source Reconciliation
13.1.1.2
Account Reconciliation
13.1.1.3
Reconciliation Process Flow
13.1.2
Mode of Reconciliation
13.1.3
Approach Used for Reconciliation
13.2
Managing Reconciliation Events
13.2.1
Searching Events
13.2.1.1
Performing a Simple Search for Events
13.2.1.2
Performing an Advanced Search for Events
13.2.2
Displaying Event Details
13.2.3
Determining Event Actions
13.2.4
Re-evaluating Events
13.2.5
Closing Events
13.2.6
Linking Reconciliation Events
13.2.6.1
Ad Hoc Linking
13.2.6.2
Manual Linking
13.2.6.3
Linking Orphan Accounts
Part VI Managing Infrastructure Services
14
Managing Notification Service
14.1
Managing Notification Providers
14.1.1
Using UMS for Notification
14.1.1.1
Enabling Oracle Identity Manager to Use UMS for Notification
14.1.1.2
Applying OWSM Policy to the UMS Web Service
14.1.2
Using SMTP for Notification
14.1.3
Using SOA Composite for Notification
14.1.4
Configuring Custom Notification Provider
14.1.5
Disabling and Enabling Notification Providers
14.2
Managing Notification Templates
14.2.1
Creating a Notification Template
14.2.2
Searching for a Notification Template
14.2.3
Modifying a Notification Template
14.2.4
Deleting a Notification Template
14.2.5
Adding and Removing Locales from a Notification Template
14.2.6
Configuring Notification for a Proxy
14.3
Configuring Default Email Provider
14.4
Configuring SOA Email Notification
14.4.1
Configuring Actionable Email Notification on SOA
14.4.2
Troubleshooting SOA Email Notification
14.5
Disabling Email Notification
14.6
Testing Notification Configuration
14.6.1
Testing UMS Email Notification
14.6.2
Testing SMTP Connectivity
15
Managing the Scheduler
15.1
Configuring the oim-config.xml File
15.2
Starting and Stopping the Scheduler
15.2.1
Controlling Scheduler Start or Stop in a Clustered Environment
15.2.1.1
Adding the Server Side Property for Oracle Identity Manager
15.2.1.2
Restarting Oracle Identity Manager Managed Servers from the Node Manager
15.2.1.3
Modifying the Server Side Property for Oracle Identity Manager
15.3
Disabling and Enabling the Scheduler on a Node in Cluster Setup
15.3.1
Adding the Server-Level Property
15.3.2
Restarting the Managed Server from the Node Manager
15.4
Scheduled Tasks
15.4.1
Predefined Scheduled Tasks
15.4.2
LDAP Scheduled Tasks
15.4.2.1
Using Attribute-Level Filtering for Running LDAP Sync Incremental Reconciliation Jobs
15.4.3
Creating Custom Scheduled Tasks
15.5
Jobs
15.5.1
Creating Jobs
15.5.2
Searching Jobs
15.5.2.1
Performing a Simple Search for Jobs
15.5.2.2
Performing an Advanced Search for Jobs
15.5.3
Viewing Jobs
15.5.4
Modifying Jobs
15.5.5
Disabling and Enabling Jobs
15.5.6
Starting and Stopping Jobs
15.5.7
Deleting Jobs
16
Managing System Properties
16.1
System Properties in Oracle Identity Manager
16.2
Creating and Managing System Properties
16.2.1
Creating System Properties
16.2.2
Purging Cache
16.2.3
Searching for System Properties
16.2.3.1
Performing a Simple Search
16.2.3.2
Performing an Advanced Search
16.2.4
Modifying System Properties
16.2.5
Deleting System Properties
Part VII Requests
17
Managing the Access Request Catalog
17.1
Access Request Catalog
17.1.1
Access Request Challenges
17.1.2
Concepts
17.1.3
Catalog Use cases
17.2
About the Access Request Catalog
17.2.1
Features and Benefits
17.2.2
Architecture
17.3
Administering the Access Request Catalog
17.3.1
Pre-requisites
17.3.1.1
Setting up the Catalog System Administrator
17.3.1.2
Defining the Catalog Metadata
17.3.2
Common Tasks
17.3.2.1
Onboard Applications and Roles
17.3.2.2
Bootstrapping the Catalog
17.3.2.3
Ongoing Synchronization
17.3.2.4
Enrich the Catalog
17.3.2.5
Managing Catalog Items
17.3.3
Database Best Practices for Access Request Catalog
17.3.3.1
One-Time Optimizations for Oracle Text Index
17.3.3.2
Text Index Optimization
17.4
Managing the Lifecycle of the Catalog
17.4.1
Overview of Catalog Customization
17.4.2
Test to Production procedures for Catalog customizations
17.4.2.1
Exporting using the Sandbox and Deployment Manager
17.4.2.2
Importing Using the Deployment Manager and Sandbox
17.4.3
Limitations of the Test to Production procedures
17.5
Troubleshooting
17.5.1
Catalog synchronization issues
17.5.2
Catalog security issues
17.5.3
Catalog Search Issues
Part VIII Auditing and Reporting
18
Configuring Auditing
18.1
Overview
18.1.1
Auditing Design Components
18.1.2
Profile Auditing
18.1.3
Standard and Customized Reports
18.2
User Profile Auditing
18.2.1
Data Collected for Audits
18.2.1.1
Capture of User Profile Audit Data
18.2.1.2
Storage of Snapshots
18.2.1.3
Trigger for Taking Snapshots
18.2.2
Post-Processor Used for User Profile Auditing
18.2.3
Tables Used for User Profile Auditing
18.2.4
Archival
18.3
Role Profile Auditing
18.3.1
Data Collected for Audits
18.3.1.1
Capture and Archiving of Role Profile Audit Data
18.3.1.2
Storage of Snapshots
18.3.1.3
Trigger for Taking Snapshots
18.4
Enabling and Disabling Auditing
18.4.1
Disabling Auditing
18.4.2
Enabling Auditing
19
Using Reporting Features
19.1
Reporting Features
19.2
Starting Oracle Identity Manager Reports
19.3
Running Oracle Identity Manager Reports
19.4
Supported Output Formats
19.5
Reports for Oracle Identity Manager
19.5.1
Access Policy Reports
19.5.1.1
Access Policy Details
19.5.1.2
Access Policy List by Role
19.5.2
Attestation, Request, and Approval Reports
19.5.2.1
Approval Activity
19.5.2.2
Attestation Process List
19.5.2.3
Attestation Request Details
19.5.2.4
Attestation Requests by Process
19.5.2.5
Attestation Requests by Reviewer
19.5.2.6
Request Details
19.5.2.7
Request Summary
19.5.2.8
Task Assignment History
19.5.3
Role and Organization Reports
19.5.3.1
Role Membership History
19.5.3.2
Role Membership Profile
19.5.3.3
Role Membership
19.5.3.4
Organization Details
19.5.3.5
User Membership History
19.5.4
Password Reports
19.5.4.1
Password Expiration Summary
19.5.4.2
Password Reset Summary
19.5.4.3
Resource Password Expiration
19.5.5
Resource and Entitlement Reports
19.5.5.1
Account Activity In Resource
19.5.5.2
Delegated Admins and Permissions by Resource
19.5.5.3
Delegated Admins by Resource
19.5.5.4
Entitlement Access List
19.5.5.5
Entitlement Access List History
19.5.5.6
Financially Significant Resource Details
19.5.5.7
Resource Access List History
19.5.5.8
Resource Access List
19.5.5.9
Resource Account Summary
19.5.5.10
Resource Activity Summary
19.5.5.11
User Resource Access History
19.5.5.12
User Resource Access
19.5.5.13
User Resource Entitlement
19.5.5.14
User Resource Entitlement History
19.5.6
User Reports
19.5.6.1
User Profile History
19.5.6.2
User Summary
19.5.6.3
Users Deleted
19.5.6.4
Users Disabled
19.5.6.5
Users Unlocked
19.5.7
Certification Reports
19.5.8
Exception Reports
19.5.8.1
Fine Grained Entitlement Exceptions By Resource
19.5.8.2
Orphaned Account Summary
19.5.8.3
Rogue Accounts By Resource
19.5.9
Best Practices for Running Oracle Identity Manager Reports
19.6
Creating Reports Using Third-Party Software
19.7
Required Scheduled Tasks for BI Publisher Reports
20
Using the Archival Utilities
20.1
Using the Reconciliation Archival Utility
20.1.1
Understanding the Reconciliation Archival Utility
20.1.2
Prerequisite for Running the Reconciliation Archival Utility
20.1.3
Archival Criteria
20.1.4
Running the Reconciliation Archival Utility
20.1.5
Log File Generated by the Reconciliation Archival Utility
20.2
Using the Task Archival Utility
20.2.1
Understanding the Task Archival Utility
20.2.2
Preparing Oracle Database for the Task Archival Utility
20.2.3
Running the Task Archival Utility
20.2.4
Reviewing the Output Files Generated by the Task Archival Utility
20.3
Using the Requests Archival Utility
20.3.1
Understanding the Requests Archival Utility
20.3.2
Prerequisites for Running the Requests Archival Utility
20.3.3
Input Parameters
20.3.4
Running the Requests Archival Utility
20.3.5
Log Files Generated by the Utility
20.4
Using the Audit Archival and Purge Utility
20.4.1
Overview
20.4.2
Prerequisites for Using the Utility
20.4.3
Preparing the UPA Table for Archival and Purge
20.4.4
Archiving or Purging the UPA Table
20.4.4.1
Partitions That Must Not Be Archived or Purged
20.4.4.2
Ongoing Partition Maintenance
20.4.4.3
Archiving or Purging Partitions in the UPA Table
Part IX Diagnostics and Troubleshooting
21
Configuring Logging
21.1
Logging in Oracle Identity Manager By Using ODL
21.1.1
Message Types and Levels
21.1.2
Log Handler and Logger Configuration
21.1.3
Configuring Log Handlers
21.1.3.1
Log Handler Configuration Tools
21.1.4
Configuring Loggers
21.1.5
Sample ODL Log Output
21.2
Logging in Oracle Identity Manager By Using log4j
21.2.1
Log Levels
21.2.2
Loggers
21.2.3
Configuring and Enabling Logging
21.3
Setting Warning State
22
Managing Asynchronous Execution
22.1
Overview of AsyncService
22.2
Async Routing and Configuration
22.2.1
Configuration Parameters
22.3
Troubleshooting Failed Async Tasks
22.3.1
Automated Retry Error Handling Mechanism
22.3.2
Manual Retry Error Handling Mechanism
22.4
Working with the Diagnostic Dashboard UI
22.4.1
Starting the Diagnostic Dashboard UI
22.4.2
Viewing Failed Async Tasks
22.4.2.1
To view failed async tasks
22.4.3
Retrying Failed Async Tasks
22.4.3.1
To retry failed Async task
22.4.4
Resubmitting Failed Async Tasks
22.4.5
Purging Failed Async Tasks
22.4.5.1
To purge failed Async tasks
23
Using Enterprise Manager for Managing Oracle Identity Manager Configuration
23.1
Using MBeans for Configuration Changes
23.2
Exporting and Importing Configuration Files
24
Setting the Language for Users
25
Working with the Diagnostic Dashboard
25.1
Overview of the Diagnostic Dashboard
25.2
Installing the Diagnostic Dashboard
25.2.1
Installing the Diagnostic Dashboard on Oracle WebLogic Server
25.3
Starting the Diagnostic Dashboard
25.4
Using the Diagnostic Dashboard
25.5
Running Tests By Using the Diagnostic Dashboard
25.5.1
Oracle Database Prerequisites Check
25.5.2
Database Connectivity Check
25.5.3
Account Lock Status
25.5.4
Data Encryption Key Verification
25.5.5
Scheduler Service Status
25.5.6
Remote Manager Status
25.5.7
JMS Messaging Verification
25.5.8
Target System SSL Trust Verification
25.5.9
Java VM System Properties Report
25.5.10
Oracle Identity Manager Libraries and Extensions Version Report
25.5.11
Oracle Identity Manager Libraries and Extensions Manifest Report
25.5.12
Test Basic Connectivity
25.5.13
Test Provisioning
25.5.14
Test Reconciliation
25.5.15
SOA-Oracle Identity Manager Configuration Check
25.5.16
Request Diagnostic Information
25.5.17
Orchestration Status
25.5.18
Retry Failed Orchestration
25.5.19
SPML Web Service
25.5.20
Test OWSM Setup
25.5.21
Test SPML to Oracle Identity Manager Request Invocation
25.5.22
SPML Attributes to Oracle Identity Manager Attributes
25.5.23
Username Test
25.5.24
Diagnose Creation of User and Role in Oracle Identity Manager and LDAP
25.5.25
Diagnose LDAP Reserve Container
25.5.26
Validate Recon Profile
25.5.27
Notification Configuration Test
25.5.28
Diagnose LDAP Connection
25.5.29
Diagnose OIM Callback Webservice
26
Enabling Diagnostics
26.1
Enabling Diagnostics in Oracle Identity Manager
26.2
Troubleshooting Dynamic Configuration-Related Problems
26.2.1
Roles in Oracle Identity Manager and Identity Store in Inconsistent State
26.2.2
Postenablement of the oamEnabled Flag Causes Issues
26.2.3
Run-time Evaluation of LDAP Containers Defined in LDAPContainerRules.xml
27
Handling Errors
Part X Additional Components
28
Installing and Configuring a Remote Manager
28.1
Overview of the Remote Manager Configuration
28.2
Configuring the Remote Manager
28.2.1
Adding the Trust Relation
28.2.2
Configuring the Remote Manager by Using Your Own Certificate
28.2.3
Testing the Remote Manager Connection
28.2.4
Updating the xlconfig.xml File to Change the Port for Remote Manager
28.3
Stopping and Starting the Remote Manager
28.4
Troubleshooting Remote Manager
29
Using the Form Version Control Utility
29.1
Use Cases Supported by the FVC Utility
29.2
Use Cases That Are Not Supported by the FVC Utility
29.3
Summary of the Form Version Control Process
29.4
Components of the FVC Utility
29.5
Using the FVC Utility
29.5.1
Preparing the Properties File
29.5.2
Addressing Prerequisites for Using the FVC Utility
29.5.3
Running the Utility
29.6
Troubleshooting
30
Starting and Stopping Servers
30.1
Configuring the Node Manager
30.2
Starting the Node Manager
30.3
Starting or Stopping WebLogic Administration Server
30.4
Starting or Stopping WebLogic Managed Servers
30.4.1
Starting or Stopping the Managed Servers By Using Command Prompt
30.4.2
Starting or Stopping the Managed Server By Using Oracle Enterprise Manager Fusion Middleware Control
30.4.3
Starting or Stopping Servers By Using Oracle WebLogic Server Administration Console
31
Enabling Secure Cookies
32
Integrating with Other Oracle Components
32.1
Oracle Access Manager
32.2
Oracle Adaptive Access Manager
32.3
Oracle Identity Analytics
32.3.1
Integration Configuration in Oracle Identity Analytics
32.3.2
Integration Configuration in Oracle Identity Manager
32.3.2.1
The DataCollectionOperationsIntf API Interface
32.3.2.2
Staging Tables
32.3.2.3
Data Collection Process
32.4
Oracle Identity Navigator
32.5
Oracle Virtual Directory
32.6
Oracle Service-Oriented Architecture
32.7
Oracle Business Intelligence Publisher
33
Handling Lifecycle Management Changes
33.1
URL Changes Related to Oracle Identity Manager
33.1.1
Oracle Identity Manager Host and Port Changes
33.1.1.1
Changing OimFrontEndURL in Oracle Identity Manager Configuration
33.1.1.2
Changing backOfficeURL in Oracle Identity Manager Configuration
33.1.2
Oracle Identity Manager Database Host and Port Changes
33.1.3
Oracle Virtual Directory Host and Port Changes
33.1.4
BI Publisher Host and Port Changes
33.1.5
SOA Host and Port Changes
33.1.6
OAM Host and Port Changes
33.2
Password Changes Related to Oracle Identity Manager
33.2.1
Changing Oracle WebLogic Administrator Password
33.2.2
Changing Oracle Identity Manager Administrator Password
33.2.3
Changing Oracle Identity Manager Administrator Database Password
33.2.3.1
Resetting System Administrator Database Password in Oracle Identity Manager Deployment
33.2.3.2
Resetting System Administrator Database Password When Oracle Identity Manager Deployment is Integrated With Access Manager
33.2.4
Changing Oracle Identity Manager Database Password
33.2.5
Changing Oracle Identity Manager Passwords in the Credential Store Framework
33.2.6
Changing OVD Password
33.2.7
Changing Oracle Identity Manager Administrator Password in LDAP
33.2.8
Unlocking Oracle Identity Manager Administrator Password in LDAP
33.3
Configuring SSL for Oracle Identity Manager
33.3.1
Generating Keys
33.3.2
Signing the Certificates
33.3.3
Exporting the Certificate
33.3.4
Importing the Certificate
33.3.5
Enabling SSL for Oracle Identity Manager and SOA Servers
33.3.5.1
Enabling SSL for Oracle Identity Manager
33.3.5.2
Changing OimFrontEndURL to Use SSL Port
33.3.5.3
Changing backOfficeURL to Use SSL Port
33.3.5.4
Changing SOA Server URL to Use SSL Port
33.3.5.5
Configuring SSL for Design Console
33.3.5.6
Configuring SSL for Oracle Identity Manager Utilities
33.3.5.7
Configuring SSL for SPML/Callback Domain
33.3.5.8
Connecting Oracle Identity Manager With SOA
33.3.6
Enabling SSL for Oracle Identity Manager DB
33.3.6.1
Setting Up DB in Server-Authentication SSL Mode
33.3.6.2
Creating KeyStores and Certificates
33.3.6.3
Updating Oracle Identity Manager
33.3.6.4
Updating WebLogic Server
33.3.7
Enabling SSL for LDAP Synchronization
33.3.7.1
Enabling OVD-OID with SSL
33.3.7.2
Updating Oracle Identity Manager for OVD Host/Port
33.3.7.3
Enabling Managed WebLogic Server with SSL
34
Managing Identity and Resource Information
34.1
Overview of User Management
34.2
Managing Organization Information
34.3
Viewing Resources Allowed or Disallowed for Users
34.3.1
Policy History Tab
34.4
Assigning Role Entitlements
35
Securing a Deployment
Part XI Appendixes
A
Configuring SSO Providers for Oracle Identity Manager
A.1
Enabling Oracle Identity Manager to Work With OpenSSO
A.1.1
Prerequisites
A.1.2
Integrating Oracle Identity Manager with OpenSSO
A.1.3
Running Validation Tests to Verify the Configuration
A.2
Enabling Oracle Identity Manager to Work With IBM Tivoli Access Manager
A.2.1
Prerequisites
A.2.2
Integrating Oracle Identity Manager with IBM Tivoli Access Manager
A.2.3
Running Validation Tests to Validate the Configuration
A.3
Enabling Oracle Identity Manager to Work With CA SiteMinder
A.3.1
Prerequisites
A.3.2
Integrating Oracle Identity Manager with CA SiteMinder
A.3.3
Running Validation Tests to Validate the Configuration
A.4
Configuring SSO for XIMDD
B
Localizing Challenge Questions and Responses
Index