1/30
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Introduction and Preparation
1
Introduction
1.1
Overview of Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0)
1.2
Additional 11
g
Release 2 (11.1.2.1.0) Deployment Information
1.2.1
Upgrading to Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0)
1.2.2
Installing Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0) for High Availability
1.2.3
Deploying Oracle Unified Directory with Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0)
1.3
Silent Installation
1.4
Understanding the State of Oracle Identity and Access Management Components After Installation
1.4.1
Default SSL Configurations
1.4.2
Default Passwords
1.5
Using This Guide
2
Preparing to Install
2.1
Reviewing System Requirements and Certification
2.2
Installing and Configuring Java Access Bridge (Windows Only)
2.3
Identifying Installation Directories
2.3.1
Oracle Middleware Home Location
2.3.2
Oracle Home Directory
2.3.3
Oracle Common Directory
2.3.4
Oracle WebLogic Domain Directory
2.3.5
WebLogic Server Directory
2.4
Determining Port Numbers
2.5
Locating Installation Log Files
2.6
Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only)
Part II Installing and Configuring Oracle Identity and Access Management (11.1.2.1.0)
3
Installing and Configuring Oracle Identity and Access Management (11.1.2.1.0)
3.1
Installation and Configuration Roadmap
3.2
Installing and Configuring Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0)
3.2.1
Obtaining the Oracle Fusion Middleware Software
3.2.2
Database Requirements
3.2.2.1
Oracle Database Patch Requirements for Oracle Identity Manager
3.2.3
Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU)
3.2.4
WebLogic Server and Middleware Home Requirements
3.2.5
Installing Oracle SOA Suite (Oracle Identity Manager Users Only)
3.2.6
Starting the Oracle Identity and Access Management Installer
3.2.7
Installing Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0)
3.2.7.1
Products Installed
3.2.7.2
Dependencies
3.2.7.3
Procedure
3.2.7.4
Understanding the Directory Structure After Installation
3.2.8
Configuring Oracle Identity and Access Management (11.1.2.1.0) Products
3.2.9
Configuring Database Security Store for an Oracle Identity and Access Management Domain
3.2.9.1
Overview
3.2.9.2
Before Configuring Database Security Store
3.2.9.3
Configuring the Database Security Store
3.2.9.4
Example Scenarios for Configuring the Database Security Store
3.2.10
Starting the Servers
4
Configuring Oracle Identity Navigator
4.1
Important Note Before You Begin
4.2
Installation and Configuration Roadmap for Oracle Identity Navigator
4.3
Configuring Oracle Identity Navigator in a New WebLogic Domain
4.3.1
Appropriate Deployment Environment
4.3.2
Components Deployed
4.3.3
Dependencies
4.3.4
Procedure
4.4
Starting the Servers
4.5
Verifying Oracle Identity Navigator
4.6
Getting Started with Oracle Identity Navigator After Installation
5
Configuring Oracle Identity Manager
5.1
Important Notes Before You Start Configuring Oracle Identity Manager
5.2
Installation and Configuration Roadmap for Oracle Identity Manager
5.3
Creating a new WebLogic Domain for Oracle Identity Manager and SOA
5.3.1
Appropriate Deployment Environment
5.3.2
Components Deployed
5.3.3
Dependencies
5.3.4
Procedure
5.4
Starting the Servers
5.5
Overview of Oracle Identity Manager Configuration
5.5.1
Before Configuring Oracle Identity Manager Server, Design Console, or Remote Manager
5.5.1.1
Prerequisites for Configuring Oracle Identity Manager Server
5.5.1.2
Prerequisites for Configuring Only Oracle Identity Manager Design Console on a Different Machine
5.5.1.3
Prerequisites for Configuring Only Oracle Identity Manager Remote Manager on a Different Machine
5.5.2
Oracle Identity Manager Configuration Scenarios
5.5.2.1
Scope of Configuration Using the Oracle Identity Manager 11
g
Configuration Wizard
5.5.2.2
Scenario 1: Oracle Identity Manager Server and Design Console on Different Machines
5.5.2.3
Scenario 2: Oracle Identity Manager Server and Remote Manager on Different Machines
5.5.2.4
Scenario 3: Oracle Identity Manager Server, Design Console, and Remote Manager on a Single Windows Machine
5.6
Starting the Oracle Identity Manager 11
g
Configuration Wizard
5.7
Configuring Oracle Identity Manager Server
5.7.1
Appropriate Deployment Environment
5.7.2
Components Deployed
5.7.3
Dependencies
5.7.4
Procedure
5.7.5
Completing the Prerequisites for Enabling LDAP Synchronization
5.7.5.1
Preconfiguring the Identity Store
5.7.5.2
Creating Adapters in Oracle Virtual Directory
5.7.6
Running the LDAP Post-Configuration Utility
5.7.7
Verifying the LDAP Synchronization
5.7.8
Post-Configuration Steps
5.7.9
Setting oamEnabled Parameter for Identity Virtualization Library
5.7.10
Enabling LDAP Sync after Installing and Configuring Oracle Identity Manager Server at a Later Point
5.8
Optional: Configuring Oracle Identity Manager Design Console
5.8.1
Appropriate Deployment Environment
5.8.2
Components Deployed
5.8.3
Dependencies
5.8.4
Procedure
5.8.5
Post-Configuration Steps
5.8.6
Updating the xlconfig.xml File to Change the Port for Design Console
5.8.7
Configuring Design Console to Use SSL
5.9
Optional: Configuring Oracle Identity Manager Remote Manager
5.9.1
Appropriate Deployment Environment
5.9.2
Components Deployed
5.9.3
Dependencies
5.9.4
Procedure
5.10
Verifying the Oracle Identity Manager Installation
5.11
Changing Memory Settings for Oracle Identity Manager
5.12
Setting Up Integration with Oracle Access Management
5.13
List of Supported Languages
5.14
Using the Diagnostic Dashboard
5.15
Getting Started with Oracle Identity Manager After Installation
6
Configuring Oracle Access Management
6.1
Overview
6.2
Important Note Before You Begin
6.3
Installation and Configuration Roadmap for Oracle Access Management
6.4
Optional: Enabling TDE in Database
6.5
Oracle Access Management in a New WebLogic Domain
6.5.1
Appropriate Deployment Environment
6.5.2
Components Deployed
6.5.3
Dependencies
6.5.4
Procedure
6.6
Starting the Servers
6.7
Optional Post-Installation Tasks
6.8
Verifying the Oracle Access Management Installation
6.9
Setting Up Oracle Access Manager Agents
6.10
Setting Up Integration with OIM
6.11
Getting Started with Oracle Access Management After Installation
7
Configuring Oracle Adaptive Access Manager
7.1
Overview
7.2
Important Note Before You Begin
7.3
Installation and Configuration Roadmap for Oracle Adaptive Access Manager
7.4
Oracle Adaptive Access Manager in a New WebLogic Domain
7.4.1
Appropriate Deployment Environment
7.4.2
Components Deployed
7.4.3
Dependencies
7.4.4
Procedure
7.5
Configuring Oracle Adaptive Access Manager (Offline)
7.5.1
Components Deployed
7.5.2
Dependencies
7.5.3
Procedure
7.6
Starting the Servers
7.7
Post-Installation Steps
7.8
Verifying the Oracle Adaptive Access Manager Installation
7.9
Getting Started with Oracle Adaptive Access Manager After Installation
8
Installing and Configuring Oracle Entitlements Server
8.1
Important Note Before You Begin
8.2
Overview of Oracle Entitlements Server 11
g
Installation
8.3
Installation and Configuration Roadmap for Oracle Entitlements Server
8.4
Configuring Oracle Entitlements Server Administration Server
8.4.1
Components Deployed
8.4.2
Extracting Apache Derby Template (Optional)
8.4.3
Configuring Oracle Entitlements Server in a New WebLogic Domain
8.4.4
Configuring Security Store for Oracle Entitlements Server Administration Server
8.4.5
Starting the Administration Server
8.4.6
Verifying Oracle Entitlements Server Administration Server Configuration
8.5
Installing Oracle Entitlements Server Client
8.5.1
Prerequisites
8.5.2
Obtaining Oracle Entitlements Server Client Software
8.5.3
Installing Oracle Entitlements Server Client
8.5.4
Verifying Oracle Entitlements Server Client Installation
8.5.5
Applying a Patch Using OPatch
8.6
Configuring Oracle Entitlements Server Client
8.6.1
Configuring Distribution Modes
8.6.1.1
Configuring Controlled Push Distribution Mode
8.6.1.2
Configuring Non-Controlled and Controlled Pull Distribution Mode
8.6.2
Configuring Security Modules in a Controlled Push Mode (Quick Configuration)
8.6.2.1
Configuring Java Security Module in a Controlled Push Mode
8.6.2.2
Configuring RMI Security Module in a Controlled Push Mode
8.6.2.3
Configuring Web Service Security Module in a Controlled Push Mode
8.6.2.4
Configuring Oracle WebLogic Server Security Module in a Controlled Push Mode
8.6.3
Configuring Security Modules
8.6.3.1
Configuring WebLogic Server Security Module
8.6.3.2
Configuring Web Service Security Module
8.6.3.3
Configuring Web Service Security Module on Oracle WebLogic Server
8.6.3.4
Configuring Oracle Service Bus Security Module
8.6.3.5
Configuring IBM WebSphere Security Module
8.6.3.6
Configuring JBoss Security Module
8.6.3.7
Configuring the Apache Tomcat Security Module
8.6.3.8
Configuring Java Security Module
8.6.3.9
Configuring RMI Security Module
8.6.3.10
Configuring Microsoft .NET Security Module
8.6.3.11
Configuring Microsoft SharePoint Server (MOSS) Security Module
8.6.4
Locating Security Module Instances
8.6.5
Using the Java Security Module
8.6.6
Configuring the PDP Proxy Client
8.7
Getting Started with Oracle Entitlements Server After Installation
9
Configuring Oracle Privileged Account Manager
9.1
Overview
9.2
Important Note Before You Begin
9.3
Installation and Configuration Roadmap for Oracle Privileged Account Manager
9.4
Optional: Enabling TDE in Oracle Privileged Account Manager Data Store
9.4.1
Enabling TDE in the Database
9.4.2
Enabling Encryption in OPAM Schema
9.5
Configuring Oracle Privileged Account Manager and Oracle Identity Navigator in a New WebLogic Domain
9.5.1
Deployment Environment
9.5.2
Components Deployed
9.5.3
Dependencies
9.5.4
Procedure
9.6
Starting the Oracle WebLogic Administration Server
9.7
Post-Installation Tasks
9.8
Starting the Managed Server
9.9
Assigning the Application Configurator Role to a User
9.10
Optional: Setting Up Non-TDE Mode
9.11
Configuring OPAM Console
9.12
Verifying Oracle Privileged Account Manager
9.13
Getting Started with Oracle Privileged Account Manager After Installation
10
Configuring Oracle Access Management Mobile and Social
10.1
Overview
10.2
Important Note Before You Begin
10.3
Installation and Configuration Roadmap for Oracle Access Management Mobile and Social
10.4
Oracle Access Management Mobile and Social Configuration Scenarios
10.4.1
Oracle Access Management Mobile and Social with Oracle Access Manager 11gR2
10.4.1.1
Overview
10.4.1.2
Appropriate Deployment Environment
10.4.1.3
Components Deployed
10.4.1.4
Dependencies
10.4.1.5
Procedure
10.4.2
Oracle Access Management Mobile and Social Standalone in a New WebLogic Domain
10.4.2.1
Overview
10.4.2.2
Appropriate Deployment Environment
10.4.2.3
Components Deployed
10.4.2.4
Dependencies
10.4.2.5
Procedure
10.5
Verifying Oracle Access Management Mobile and Social
10.6
Getting Started with Oracle Access Management Mobile and Social After Installation
11
Lifecycle Management
11.1
How Lifecycle Events Impact Integrated Components
11.2
LCM for Oracle Identity Manager
11.3
LCM for Oracle Access Manager
11.4
LCM for Oracle Adaptive Access Manager
11.5
LCM for Oracle Identity Navigator
11.6
References
Part III Appendixes
A
Oracle Identity and Access Management 11
g
Release 2 (11.1.2.1.0) Software Installation Screens
A.1
Welcome
A.2
Install Software Updates
A.3
Prerequisite Checks
A.4
Specify Installation Location
A.5
Installation Summary
A.6
Installation Progress
A.7
Installation Complete
B
Oracle Identity Manager Configuration Screens
B.1
Welcome
B.2
Components to Configure
B.3
Database
B.4
WebLogic Admin Server
B.5
OIM Server
B.6
LDAP Server
B.7
LDAP Server Continued
B.8
Configuration Summary
C
Starting or Stopping the Oracle Stack
C.1
Starting the Stack
C.2
Stopping the Stack
C.3
Restarting Servers
D
Preconfiguring Oracle Directory Server Enterprise Edition (ODSEE)
E
Preconfiguring Oracle Unified Directory (OUD)
F
Preconfiguring Oracle Internet Directory (OID)
G
Creating Oracle Entitlement Server Schemas for Apache Derby
H
Configuring the PDP Proxy Client for Web Service Security Module
I
Deinstalling and Reinstalling Oracle Identity and Access Management
I.1
Deinstalling Oracle Identity and Access Management
I.1.1
Deinstalling the Oracle Identity and Access Management Oracle Home
I.1.2
Deinstalling the Oracle Common Home
I.2
Reinstalling Oracle Identity and Access Management
J
Performing Silent Installations
J.1
What is a Silent Installation?
J.2
Before Performing a Silent Installation
J.2.1
UNIX Systems: Creating the oraInst.loc File
J.2.2
Windows Systems: Creating the Registry Key
J.3
Creating Response Files
J.3.1
OIM, OAM, OAAM, OES, and OIN
J.3.2
Securing Your Silent Installation
J.4
Performing a Silent Installation
J.5
Installer Command Line Parameters
K
Troubleshooting the Installation
K.1
General Troubleshooting Tips
K.2
Installation Log Files
K.3
Configuring OIM Against an Existing OIM 11
g
Schema
K.4
Need More Help?
L
Oracle Adaptive Access Manager Partition Schema Reference
L.1
Overview
L.2
Partition Add Maintenance
L.2.1
Sp_Oaam_Add_Monthly_Partition
L.2.2
Sp_Oaam_Add_Weekly_Partition
L.3
Partition Maintenance Scripts
L.3.1
drop_monthly_partition_tables.sql
L.3.2
drop_weekly_partition_tables.sql
L.3.3
add_monthly_partition_tables.sql
L.3.4
add_weekly_partition_tables.sql
M
Software Deinstallation Screens
M.1
Welcome
M.2
Select Deinstallation Type
M.2.1
Option 1: Deinstall Oracle Home
M.2.1.1
Deinstall Oracle Home
M.2.2
Option 2: Deinstall ASInstances managed by WebLogic Domain
M.2.2.1
Specify WebLogic Domain Detail
M.2.2.2
Select Managed Instance
M.2.2.3
Deinstallation Summary (Managed Instance)
M.2.3
Option 3: Deinstall Unmanaged ASInstances
M.2.3.1
Specify Instance Location
M.2.3.2
Deinstallation Summary (Unmanaged ASInstance)
M.3
Deinstallation Progress
M.4
Deinstallation Complete
Scripting on this page enhances content navigation, but does not change the content in any way.