1/55
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Overview
1
Oracle Identity System Administration Interface
1.1
Logging in to Oracle Identity Manager System Administration Console
1.2
Overview of the Oracle Identity Manager System Administration Console
1.2.1
Links
1.2.1.1
Accessibility
1.2.1.2
Sandboxes
1.2.1.3
Help
1.2.1.4
Sign Out
1.2.2
Left and Right Panes
1.2.2.1
Event Management
1.2.2.2
Certifications
1.2.2.3
Policies
1.2.2.4
Configuration
1.2.2.5
System Entities
1.2.2.6
System Management
1.2.2.7
Upgrade
Part II Policy Administration
2
Managing Approval Policies
2.1
Approval Selection Methodologies
2.1.1
Request-Level Methodology
2.1.2
Operation-Level Methodology: Organization-Based Selection
2.1.3
Operation-Level Methodology: Role-Based Selection
2.1.4
Operation-Level Methodology: Application Instance-Based Selection
2.2
Creating Approval Policies
2.3
Searching Approval Policies
2.4
Modifying Approval Policies
2.5
Modifying the Priority of an Approval Policy
2.6
Deleting Approval Policies
2.7
General Guidelines
3
Managing Access Policies
3.1
Terminologies Used in Access Policies
3.2
Features of Access Policies
3.2.1
Provisioning Options
3.2.2
Revoking or Disabling the Policy
3.2.3
Denying a Resource
3.2.4
Evaluating Policies
3.2.5
Evaluating Policies for Reconciled and Bulk Load-Created Accounts
3.2.6
Access Policy Priority
3.2.7
Access Policy Data
3.2.8
Provisioning Multiple Instances of the Same Resource via Access Policy by Using Account Discriminator
3.3
Creating Access Policies
3.4
Managing Access Policies
3.5
Provisioning Multiple Instances of the Same Resource via Access Policy
3.5.1
Enabling Multiple Account Provisioning
3.5.2
Creating Separate Accounts for the Same User and Same Resource on a Single Target System
3.5.3
Provisioning Multiple Instances of a Resource to Multiple Target Systems
3.5.4
Limitation of Provisioning Multiple Instances of a Resource via Access Policy
3.6
Troubleshooting Issues with Evaluate User Policy Scheduled Job
4
Managing Password Policies
4.1
Searching Password Policies
4.2
Creating a Password Policy
4.3
Setting Password Policy Rules
4.4
Deleting a Password Policy
4.5
Setting Password Policy for an Organization
5
Managing Attestation Processes
5.1
About Attestation
5.1.1
Definition of an Attestation Process
5.1.1.1
Attestation Process Control
5.1.2
Components of Attestation Tasks
5.1.2.1
Attestation Inbox
5.1.3
Attestation Request
5.1.4
Delegation
5.1.5
Attestation Lifecycle Process
5.1.5.1
Stage 1: Creation of an Attestation Task
5.1.5.2
Stage 2: Acting on an Attestation Task
5.1.5.3
Stage 3: Processing a Submitted Attestation Task
5.1.6
Attestation Engine
5.1.7
Attestation Scheduled Task
5.1.8
Attestation-Driven Workflow Capability
5.1.9
Attestation E-Mail
5.1.9.1
Notify Attestation Reviewer
5.1.9.2
Notify Delegated Reviewers
5.1.9.3
Notify Process Owner About Declined Attestation Entitlements
5.1.9.4
Notify Process Owner About Reviewers with No E-Mail Defined
5.2
Attestation Process Configuration
5.2.1
Menu Structure
5.2.2
System Control
5.3
Creating Attestation Processes
5.4
Managing Attestation Processes
5.4.1
Editing Attestation Processes
5.4.2
Disabling Attestation Processes
5.4.3
Enabling Attestation Processes
5.4.4
Deleting Attestation Processes
5.4.5
Running Attestation Processes
5.4.6
Managing Attestation Process Administrators
5.4.7
Viewing Attestation Process Execution History
5.5
Using the Attestation Dashboard
5.5.1
Viewing Attestation Request Details
5.5.2
E-Mail Notification
5.5.3
Attestation Grace Period Checker Scheduled Task
Part III Identity Certification
6
Managing Identity Certification
6.1
Certification Concepts
6.1.1
Line of Business and Line Item
6.1.2
Certification Task
6.1.3
Certification Object
6.1.4
Certification Definition
6.1.5
Certification Jobs
6.1.6
Closed-Loop Remediation
6.1.7
Remediation Tracking
6.1.8
Event Listener
6.1.9
Certification Authorization
6.2
Configuring Certifications
6.2.1
Prerequisites for Configuring Certifications
6.2.1.1
Marking a Catalog Item as Certifiable
6.2.1.2
Setting the Certifier in the Request Catalog
6.2.1.3
Setting User Manager and Organization Certifier
6.2.1.4
Setting Risk Levels for Individual Entities
6.2.1.5
Tagging Attributes
6.2.1.6
Configuring the Availability of Identity Certification
6.2.1.7
Configuring Reminders, Notifications, Escalations, and Expiry for Certifications (Optional)
6.2.2
Configuring Certification Options in Identity System Administration
6.3
Managing Certification Definitions
6.3.1
Creating Certification Definitions
6.3.1.1
Creating a User Certification Definition
6.3.1.2
Creating a Role Certification Definition
6.3.1.3
Creating an Application Instance Certification Definition
6.3.1.4
Creating an Entitlement Certification Definition
6.3.2
Modifying Certification Definitions
6.3.3
Deleting Certification Definitions
6.4
Scheduling Certifications
6.5
Understanding How Risk Summaries are Calculated
6.5.1
Understanding Item Risk and Risk-Factor Mappings
6.5.1.1
Setting Item Risk
6.5.1.2
Understanding Risk-Level Mappings (Risk Factors)
6.5.2
Understanding Risk Aggregation and Risk Summaries
6.5.3
Understanding How Changing Risk Configuration Values Impacts the System
6.6
Understanding Closed-Loop Remediation and Remediation Tracking
6.6.1
Configuring Challenge Workflows
6.7
Understanding Event Listeners
6.8
Configuring Event Listeners and Certification Event Trigger Jobs
6.8.1
Creating an Event Listener
6.8.2
Modifying an Event Listener
6.8.3
Deleting an Event Listener
6.8.4
Configuring Certification Event Trigger Jobs
6.8.4.1
Setting the Event Listener Name List
6.8.4.2
Adding More Trigger Jobs
6.9
Configuring Certification Reports
6.10
Understanding Multi-Phased Review in User Certification
6.10.1
Multiple Phases of Review
6.10.2
Delegation to Multiple Reviewers Within Each Phase
6.10.3
Stages of Certification in TPAD
6.10.3.1
Phase One With Verification
6.10.3.2
Phase Two With Verification
6.10.3.3
Final Review
6.11
Understanding Certification Oversight
6.11.1
Customizing Certification Oversight
6.12
Troubleshooting Identity Certification
Part IV Form Management
7
Managing Forms
7.1
Creating Forms By Using the Form Designer
7.2
Searching Forms By Using the Form Designer
7.3
Modifying Forms By Using the Form Designer
7.3.1
Removing or Hiding Form Attributes
8
Configuring Custom Attributes
8.1
Creating a Custom Attribute
8.2
Creating a Custom Child Form
8.3
Creating a Custom Child Form Attribute
8.4
Modifying a Custom Attribute
8.5
Adding a Custom Attribute
8.5.1
Enabling the Submit Button After Adding a UDF to the Modify User Form
8.5.2
Adding a Custom Attribute Category into Create User Form
8.6
Adding a Custom Attribute to an Application Instance Form
8.6.1
Regenerating View
8.6.2
Updating the Application Instance Form By Using WebCenter Composer
8.7
Moving UDFs from Test to Production
8.7.1
Moving UDFs Added to Catalog Entities
8.7.2
Moving UDFs Added to User Forms
8.7.2.1
Exporting the UDF from the Test Environment
8.7.2.2
Importing the UDF into the Production Environment
8.8
Synchronizing User-Defined Fields Between Oracle Identity Manager and LDAP
8.9
Attribute Definitions
8.10
Creating Cascaded LOVs
8.11
Localizing Display Labels of UDFs
8.12
Configuring a Field as Mandatory Attribute in the Request Catalog
Part V Application Management
9
Managing Application Instances
9.1
Application Instance Concepts
9.1.1
Multiple Accounts Per Application Instance
9.1.2
Entitlements
9.1.3
Disconnected Application Instances
9.1.4
Application Instance Security
9.2
Managing Application Instances
9.2.1
Creating Application Instances
9.2.2
Searching Application Instances
9.2.3
Modifying Application Instances
9.2.3.1
Modifying Application Instance Attributes
9.2.3.2
Managing Organizations Associated With Application Instances
9.2.3.3
Managing Entitlements Associated With Application Instances
9.2.4
Deleting Application Instances
9.2.5
Creating and Modifying Forms
9.2.5.1
Creating Forms Associated With Application Instances
9.2.5.2
Modifying Forms Associated With Application Instances
9.2.5.3
Localizing Application Instance Form
9.3
Configuring Application Instances
9.3.1
Configuring a Resource Object
9.3.2
Configuring IT Resource
9.3.3
Configuring Password Policies for Application Instances
9.4
Developing Entitlements
9.4.1
Available Entitlements and Assigned Entitlements
9.4.2
Entitlement Data Capture Process
9.4.3
Marking Entitlement Attributes on Child Process Forms
9.4.4
Duplicate Validation for Entitlements or Child Data
9.4.5
Configuring Scheduled Tasks for Working with Entitlement Data
9.4.5.1
Entitlement List
9.4.5.2
Entitlement Assignments
9.4.6
Deleting Entitlement
9.4.7
Refreshing the Entitlement List Post Delete for New Entries
9.4.8
Disabling the Capture of Modifications to Assigned Entitlements
9.4.9
Entitlement-Related Reports
9.4.9.1
Entitlement Access List
9.4.9.2
Entitlement Access List History
9.4.9.3
User Resource Entitlement
9.4.9.4
User Resource Entitlement History
9.5
Managing Sunrise and Sunset of Accounts and Entitlements
9.5.1
Sunrise and Sunset of Accounts
9.5.2
Sunrise and Sunset of Entitlements
9.5.3
Enabling Sunrise and Sunset of Accounts and Entitlements
10
Managing Disconnected Resources
10.1
Disconnected Resources Architecture
10.2
Managing Disconnected Application Instance
10.2.1
Creating a Disconnected Application Instance
10.2.2
Creating a Disconnected Application Instance for an Existing Disconnected Resource
10.3
Provisioning Operations on a Disconnected Application Instance
10.3.1
Process Form Updates
10.4
Managing Entitlement for Disconnected Resource
10.4.1
Configuring Entitlement Grant
10.5
Status Changes in Manual Process Task Action
10.6
Customizing Provisioning SOA Composite
10.6.1
Customizing Human Task Assignment via SOA Composer
10.6.2
Customizing by Modifying the Out of the Box Composite
10.7
Troubleshooting Disconnected Resources
11
Managing Lookups
11.1
Searching a Lookup Type
11.2
Creating a Lookup Type
11.3
Modifying a Lookup Type
12
Managing Connector Lifecycle
12.1
Lifecycle of a Connector
12.2
Connector Lifecycle and Change Management Terminology
12.3
Viewing Connector Details
12.4
Installing Connectors
12.4.1
Overview of the Connector Deployment Process
12.4.2
Creating the User Account for Installing Connectors
12.4.3
Installing a Connector
12.4.4
Post Installation Steps
12.5
Defining Connectors
12.6
Cloning Connectors
12.6.1
Guidelines for Cloning a Connector
12.6.2
Cloning a Connector
12.6.3
Postcloning Steps
12.7
Exporting Connector Object Definitions in Connector XML Format
12.8
Upgrading Connectors
12.8.1
Upgrade Use Cases Supported by the Connector Upgrade Feature
12.8.2
Connector Object Changes Supported by the Upgrade Connectors Feature
12.8.2.1
Resource Object Changes
12.8.2.2
Process Definition Changes
12.8.2.3
Resource Bundle Changes
12.8.2.4
Process Form Changes
12.8.2.5
Lookup Definition Changes
12.8.2.6
Adapter Changes
12.8.2.7
Rule Changes
12.8.2.8
IT Resource Type Changes
12.8.2.9
IT Resource Changes
12.8.2.10
Scheduled Task Changes
12.8.3
What Happens When You Upgrade a Connector
12.8.4
Summary of the Upgrade Procedure
12.8.5
Procedure to Upgrade a Connector
12.8.5.1
Preupgrade Procedure
12.8.5.2
Upgrade Procedure
12.8.5.3
Postupgrade Procedure
12.8.6
Procedure to Upgrade a 9.
x
Connector Version to an ICF Based Connector
12.9
Uninstalling Connectors
12.9.1
Use Cases Supported by the Uninstall Connectors Utility
12.9.2
Overview of the Connector Uninstall Process
12.9.3
Setting Up the Uninstall Connector Utility
12.9.4
Uninstalling Connectors and Removing Connector Objects
12.9.4.1
Uninstalling a Connector
12.9.4.2
Removing Adapters, Lookup Definitions, Resource Objects, and Scheduled Tasks
12.9.4.3
Running the Script to Uninstall Connectors and Connector Objects
12.10
Troubleshooting Connector Management Issues
13
Managing Reconciliation
13.1
Types of Reconciliation
13.1.1
Reconciliation Based on the Object Being Reconciled
13.1.1.1
Trusted Source Reconciliation
13.1.1.2
Account Reconciliation
13.1.1.3
Reconciliation Process Flow
13.1.2
Mode of Reconciliation
13.1.3
Approach Used for Reconciliation
13.2
Managing Reconciliation Events
13.2.1
Searching Events
13.2.1.1
Performing a Simple Search for Events
13.2.1.2
Performing an Advanced Search for Events
13.2.2
Displaying Event Details
13.2.3
Determining Event Actions
13.2.4
Re-evaluating Events
13.2.5
Closing Events
13.2.6
Linking Reconciliation Events
13.2.6.1
Ad Hoc Linking
13.2.6.2
Manual Linking
13.2.6.3
Linking Orphan Accounts
Part VI Managing Infrastructure Services
14
Managing Notification Service
14.1
Managing Notification Providers
14.1.1
Using UMS for Notification
14.1.1.1
Enabling Oracle Identity Manager to Use UMS for Notification
14.1.1.2
Applying OWSM Policy to the UMS Web Service
14.1.2
Using SMTP for Notification
14.1.3
Using SOA Composite for Notification
14.1.4
Configuring Custom Notification Provider
14.1.5
Disabling and Enabling Notification Providers
14.2
Managing Notification Templates
14.2.1
Searching for a Notification Template
14.2.2
Creating a Notification Template
14.2.3
Modifying a Notification Template
14.2.4
Disabling a Notification Template
14.2.5
Enabling a Notification Template
14.2.6
Adding and Removing Locales from a Notification Template
14.2.7
Deleting a Notification Template
14.2.8
Configuring Notification for a Proxy
14.3
Configuring Email in Provisioning Workflow
14.4
Configuring SOA Email Notification
14.4.1
Configuring Actionable Email Notification on SOA
14.4.2
Troubleshooting SOA Email Notification
14.5
Disabling Oracle Identity Manager Email Notifications
15
Managing the Scheduler
15.1
Configuring the oim-config.xml File
15.2
Starting and Stopping the Scheduler
15.2.1
Controlling Scheduler Start or Stop in a Clustered Environment
15.2.1.1
Adding the Server Side Property for Oracle Identity Manager
15.2.1.2
Restarting Oracle Identity Manager Managed Servers from the Node Manager
15.2.1.3
Modifying the Server Side Property for Oracle Identity Manager
15.3
Disabling and Enabling the Scheduler on a Node in Cluster Setup
15.3.1
Adding the Server-Level Property
15.3.2
Restarting the Managed Server from the Node Manger
15.4
Scheduled Tasks
15.4.1
Predefined Scheduled Tasks
15.4.2
LDAP Scheduled Tasks
15.4.2.1
Using Attribute-Level Filtering for Running LDAP Sync Incremental Reconciliation Jobs
15.4.3
Creating Custom Scheduled Tasks
15.5
Jobs
15.5.1
Creating Jobs
15.5.2
Searching Jobs
15.5.2.1
Performing a Simple Search for Jobs
15.5.2.2
Performing an Advanced Search for Jobs
15.5.3
Viewing Jobs
15.5.4
Modifying Jobs
15.5.5
Disabling and Enabling Jobs
15.5.6
Starting and Stopping Jobs
15.5.7
Deleting Jobs
16
Managing System Properties
16.1
System Properties in Oracle Identity Manager
16.2
Creating and Managing System Properties
16.2.1
Creating System Properties
16.2.2
Purging Cache
16.2.3
Searching for System Properties
16.2.3.1
Performing a Simple Search
16.2.3.2
Performing an Advanced Search
16.2.4
Modifying System Properties
16.2.5
Deleting System Properties
Part VII Requests
17
Managing the Access Request Catalog
17.1
Access Request Catalog
17.1.1
Access Request Challenges
17.1.2
Concepts
17.1.3
Catalog Use cases
17.2
About the Access Request Catalog
17.2.1
Features and Benefits
17.2.2
Architecture
17.3
Administering the Access Request Catalog
17.3.1
Pre-requisites
17.3.1.1
Setting up the Catalog System Administrator
17.3.1.2
Defining the Catalog Metadata
17.3.2
Common Tasks
17.3.2.1
Onboard Applications and Roles
17.3.2.2
Bootstrapping the Catalog
17.3.2.3
Ongoing Synchronization
17.3.2.4
Enrich the Catalog
17.3.2.5
Managing Catalog Items
17.3.3
Configuring Catalog Auditing
17.3.4
Configuring Hierarchical Attributes of Entitlements
17.3.5
Database Best Practices for Access Request Catalog
17.3.5.1
One-Time Optimizations for Oracle Text Index
17.3.5.2
Text Index Optimization
17.4
Managing the Lifecycle of the Catalog
17.4.1
Overview of Catalog Customization
17.4.2
Test to Production procedures for Catalog customizations
17.4.2.1
Exporting using the Sandbox and Deployment Manager
17.4.2.2
Importing Using the Deployment Manager and Sandbox
17.4.3
Limitations of the Test to Production procedures
17.5
Troubleshooting
17.5.1
Catalog synchronization issues
17.5.2
Catalog security issues
17.5.3
Catalog Search Issues
Part VIII Auditing and Reporting
18
Configuring Auditing
18.1
Overview
18.1.1
Auditing Design Components
18.1.2
Profile Auditing
18.1.3
Standard and Customized Reports
18.2
User Profile Auditing
18.2.1
Data Collected for Audits
18.2.1.1
Capture of User Profile Audit Data
18.2.1.2
Storage of Snapshots
18.2.1.3
Trigger for Taking Snapshots
18.2.2
Post-Processor Used for User Profile Auditing
18.2.3
Tables Used for User Profile Auditing
18.2.4
Archival
18.3
Role Profile Auditing
18.3.1
Data Collected for Audits
18.3.1.1
Capture and Archiving of Role Profile Audit Data
18.3.1.2
Storage of Snapshots
18.3.1.3
Trigger for Taking Snapshots
18.4
Catalog Auditing
18.5
Enabling and Disabling Auditing
18.5.1
Disabling Auditing
18.5.2
Enabling Auditing
19
Using Reporting Features
19.1
Reporting Features
19.2
Starting Oracle Identity Manager Reports
19.3
Running Oracle Identity Manager Reports
19.4
Supported Output Formats
19.5
Reports for Oracle Identity Manager
19.5.1
Access Policy Reports
19.5.1.1
Access Policy Details
19.5.1.2
Access Policy List by Role
19.5.2
Attestation, Request, and Approval Reports
19.5.2.1
Approval Activity
19.5.2.2
Attestation Process List
19.5.2.3
Attestation Request Details
19.5.2.4
Attestation Requests by Process
19.5.2.5
Attestation Requests by Reviewer
19.5.2.6
Request Details
19.5.2.7
Request Summary
19.5.2.8
Task Assignment History
19.5.3
Role and Organization Reports
19.5.3.1
Role Membership History
19.5.3.2
Role Membership Profile
19.5.3.3
Role Membership
19.5.3.4
Organization Details
19.5.3.5
User Membership History
19.5.4
Password Reports
19.5.4.1
Password Expiration Summary
19.5.4.2
Password Reset Summary
19.5.4.3
Resource Password Expiration
19.5.5
Resource and Entitlement Reports
19.5.5.1
Account Activity In Resource
19.5.5.2
Delegated Admins and Permissions by Resource
19.5.5.3
Delegated Admins by Resource
19.5.5.4
Entitlement Access List
19.5.5.5
Entitlement Access List History
19.5.5.6
Financially Significant Resource Details
19.5.5.7
Resource Access List History
19.5.5.8
Resource Access List
19.5.5.9
Resource Account Summary
19.5.5.10
Resource Activity Summary
19.5.5.11
User Resource Access History
19.5.5.12
User Resource Access
19.5.5.13
User Resource Entitlement
19.5.5.14
User Resource Entitlement History
19.5.6
User Reports
19.5.6.1
User Creation
19.5.6.2
User Profile History
19.5.6.3
User Summary
19.5.6.4
Users Deleted
19.5.6.5
Users Disabled
19.5.6.6
Users Unlocked
19.5.7
Certification Reports
19.5.8
Exception Reports
19.5.8.1
Fine Grained Entitlement Exceptions By Resource
19.5.8.2
Orphaned Account Summary
19.5.8.3
Rogue Accounts By Resource
19.5.9
Best Practices for Running Oracle Identity Manager Reports
19.6
Creating Reports Using Third-Party Software
19.7
Required Scheduled Tasks for BI Publisher Reports
20
Using the Archival and Purge Utilities for Controlling Data Growth
20.1
Understanding Archival and Purge Concepts
20.1.1
Categorization: Purge Only Solution Versus Purge and Archive Solution for Entities
20.1.2
Archival of Data
20.1.3
Purge
20.1.4
Real-Time Purge
20.1.5
Retention Period
20.1.6
Modes of Archival Purge Operations
20.2
Using Real-Time Purge and Archival Option in Oracle Identity Manager
20.2.1
Understanding Real-Time Data Purge and Archival
20.2.2
Configuring Real-Time Purge and Archival
20.2.3
Understanding the Orchestration Purge Utility
20.2.4
Collecting Diagnostic Data of the Online Archival and Purge Operations
20.3
Using Command-Line Option of the Archival Purge Utilities in Oracle Identity Manager
20.3.1
Understanding Command-Line Utilities
20.3.2
Using the Reconciliation Archival Utility
20.3.2.1
Understanding the Reconciliation Archival Utility
20.3.2.2
Prerequisite for Running the Reconciliation Archival Utility
20.3.2.3
Archival Criteria
20.3.2.4
Running the Reconciliation Archival Utility
20.3.2.5
Log File Generated by the Reconciliation Archival Utility
20.3.3
Using the Task Archival Utility
20.3.3.1
Understanding the Task Archival Utility
20.3.3.2
Preparing Oracle Database for the Task Archival Utility
20.3.3.3
Running the Task Archival Utility
20.3.3.4
Reviewing the Output Files Generated by the Task Archival Utility
20.3.4
Using the Requests Archival Utility
20.3.4.1
Understanding the Requests Archival Utility
20.3.4.2
Prerequisites for Running the Requests Archival Utility
20.3.4.3
Input Parameters
20.3.4.4
Running the Requests Archival Utility
20.3.4.5
Log Files Generated by the Utility
20.3.5
Using the Audit Archival and Purge Utility
20.3.5.1
Overview
20.3.5.2
Prerequisites for Using the Utility
20.3.5.3
Preparing the UPA Table for Archival and Purge
20.3.5.4
Archiving or Purging the UPA Table
Part IX Diagnostics and Troubleshooting
21
Configuring Logging
21.1
Logging in Oracle Identity Manager By Using ODL
21.1.1
Message Types and Levels
21.1.2
Log Handler and Logger Configuration
21.1.3
Configuring Log Handlers
21.1.3.1
Log Handler Configuration Tools
21.1.4
Configuring Loggers
21.1.5
Sample ODL Log Output
21.2
Logging in Oracle Identity Manager By Using log4j
21.2.1
Log Levels
21.2.2
Loggers
21.2.3
Configuring and Enabling Logging
21.3
Setting Warning State
22
Using Enterprise Manager for Managing Oracle Identity Manager Configuration
22.1
Using MBeans for Configuration Changes
22.2
Exporting and Importing Configuration Files
23
Diagnosing Orchestration Operations Using Enterprise Manager
23.1
The Dashboard Tab
23.1.1
Viewing Operation Details
23.1.2
Viewing Log Messages
23.1.2.1
Searching Log Messages
23.1.2.2
Viewing Context Details
23.2
The Operations Tab
23.3
The Instances Tab
24
Setting the Language for Users
25
Troubleshooting Open Cursor Issues
Part X Additional Components
26
Installing and Configuring a Remote Manager
26.1
Overview of the Remote Manager Configuration
26.2
Configuring the Remote Manager
26.2.1
Adding the Trust Relation
26.2.2
Configuring the Remote Manager by Using Your Own Certificate
26.2.3
Creating the Remote Manager Connection
26.2.4
Updating the xlconfig.xml File to Change the Port for Remote Manager
26.3
Stopping and Starting the Remote Manager
26.4
Troubleshooting Remote Manager
27
Using the Form Upgrade Job and Form Version Control Utility
27.1
Using the Form Upgrade Job
27.2
Using the FVC Utility
27.2.1
Use Cases Supported by the FVC Utility
27.2.2
Use Cases That Are Not Supported by the FVC Utility
27.2.3
Summary of the Form Version Control Process
27.2.4
Components of the FVC Utility
27.2.5
Preparing the Properties File
27.2.6
Addressing Prerequisites for Using the FVC Utility
27.2.7
Running the Utility
27.2.8
Troubleshooting
28
Starting and Stopping Servers
28.1
Configuring the Node Manager
28.2
Starting the Node Manager
28.3
Starting or Stopping WebLogic Administration Server
28.4
Starting or Stopping WebLogic Managed Servers
28.4.1
Starting or Stopping the Managed Servers By Using Command Prompt
28.4.2
Starting or Stopping the Managed Server By Using Oracle Enterprise Manager Fusion Middleware Control
28.4.3
Starting or Stopping Servers By Using Oracle WebLogic Server Administration Console
29
Enabling Secure Cookies
30
Integrating with Other Oracle Components
30.1
Oracle Access Manager
30.2
Oracle Adaptive Access Manager
30.3
Oracle Identity Analytics
30.3.1
Integration Configuration in Oracle Identity Manager
30.3.1.1
The DataCollectionOperationsIntf API Interface
30.3.1.2
Staging Tables
30.3.1.3
Data Collection Process
30.4
Oracle Identity Navigator
30.5
Oracle Virtual Directory
30.6
Oracle Service-Oriented Architecture
30.7
Oracle Business Intelligence Publisher
31
Handling Lifecycle Management Changes
31.1
URL Changes Related to Oracle Identity Manager
31.1.1
Oracle Identity Manager Host and Port Changes
31.1.1.1
Changing OimFrontEndURL in Oracle Identity Manager Configuration
31.1.1.2
Changing backOfficeURL in Oracle Identity Manager Configuration
31.1.1.3
Changing Task Details URL in Human Task Configuration
31.1.2
Oracle Identity Manager Database Host and Port Changes
31.1.3
Oracle Virtual Directory Host and Port Changes
31.1.4
BI Publisher Host and Port Changes
31.1.5
SOA Host and Port Changes
31.1.6
OAM Host and Port Changes
31.2
Password Changes Related to Oracle Identity Manager
31.2.1
Changing Oracle WebLogic Administrator Password
31.2.2
Changing Oracle Identity Manager Administrator Password
31.2.3
Changing Oracle Identity Manager Administrator Database Password
31.2.3.1
Resetting System Administrator Database Password in Oracle Identity Manager Deployment
31.2.3.2
Resetting System Administrator Database Password When Oracle Identity Manager Deployment is Integrated With Access Manager
31.2.4
Changing Oracle Identity Manager Database Password
31.2.5
Changing Oracle Identity Manager Passwords in the Credential Store Framework
31.2.6
Changing OVD Password
31.2.7
Changing Oracle Identity Manager Administrator Password in LDAP
31.2.8
Unlocking Oracle Identity Manager Administrator Password in LDAP
31.2.9
Changing Schema Passwords
31.3
Configuring SSL for Oracle Identity Manager
31.3.1
Generating Keys
31.3.2
Signing the Certificates
31.3.3
Exporting the Certificate
31.3.4
Importing the Certificate
31.3.5
Enabling SSL for Oracle Identity Manager and SOA Servers
31.3.5.1
Enabling SSL for Oracle Identity Manager
31.3.5.2
Changing OimFrontEndURL to Use SSL Port
31.3.5.3
Changing backOfficeURL to Use SSL Port
31.3.5.4
Changing SOA Server URL to Use SSL Port
31.3.5.5
Configuring SSL for Design Console
31.3.5.6
Configuring SSL for Oracle Identity Manager Utilities
31.3.5.7
Configuring SSL for SPML/Callback Domain
31.3.6
Enabling SSL for Oracle Identity Manager DB
31.3.6.1
Setting Up DB in Server-Authentication SSL Mode
31.3.6.2
Creating KeyStores and Certificates
31.3.6.3
Updating Oracle Identity Manager
31.3.6.4
Updating WebLogic Server
31.3.7
Enabling SSL for LDAP Synchronization
31.3.7.1
Enabling OVD-OID with SSL
31.3.7.2
Updating Oracle Identity Manager for OVD Host/Port
31.3.7.3
Enabling Managed WebLogic Server with SSL
31.4
Updating the WebLogic Administrator Server User Name (Optional)
32
Securing a Deployment
Part XI Appendixes
A
Default User Accounts
B
Configuring SSO Providers for Oracle Identity Manager
B.1
Enabling Oracle Identity Manager to Work With OpenSSO
B.1.1
Prerequisites
B.1.2
Integrating Oracle Identity Manager with OpenSSO
B.1.3
Running Validation Tests to Verify the Configuration
B.2
Enabling Oracle Identity Manager to Work With IBM Tivoli Access Manager
B.2.1
Prerequisites
B.2.2
Integrating Oracle Identity Manager with IBM Tivoli Access Manager
B.2.3
Running Validation Tests to Validate the Configuration
B.3
Enabling Oracle Identity Manager to Work With CA SiteMinder
B.3.1
Prerequisites
B.3.2
Integrating Oracle Identity Manager with CA SiteMinder
B.3.3
Running Validation Tests to Validate the Configuration
C
Localizing Challenge Questions and Responses
D
XSD for Registering XML Schema
D.1
For Oracle Database 11
g
Release 1 or Later
D.2
For Oracle Database Earlier Than 11
g
Release 1
E
Using Database Roles/Grants for Oracle Identity Manager Database
F
Enabling Transparent Data Encryption
F.1
Configuring TDE for New Installation of Oracle Identity Manager
F.2
Configuring TDE for an Existing Installation of Oracle Identity Manager
F.3
Deconfiguring TDE for Oracle Identity Manager
G
Determining the Server Version
H
Integrating with Access Management
H.1
Performing the Prerequisites
H.2
Configuring OIM Domain for SSO
H.3
Validating the Integration
Index
Scripting on this page enhances content navigation, but does not change the content in any way.