Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W 

---

A

access rights, 2.3.1, 4.3, C.3.10

accordions

Administration, 4.3.2

Configuration, 4.3.4, 5.2.3.1, 5.3.2

Home, 4.3.1

Reports, 4.3.3

accounts, attended, 1.2.1

accounts, privileged

access issues, C.3.3

access rights, 2.3.1, 2.3.2

adding, 4.3.6, 8.2, 8.2, A.5.1, B.6.1

administration roles, 2.3.1

assigning policies, 9.2.5

auditing, 14.1

checking in, A.5.3

checking out, A.5.4

checking out/in, 2.4.2.1, 8.5.1, 8.5.2, 8.6, B.6.10, B.6.15

deployment report, 4.3.3

description, 1.1, 8.1

display listing, A.5.2

forcing check-ins, 8.6

granting to groups, 10.3, A.6.3

granting to users, 10.2, A.6.4

managing, 8.1, 17.3.1

mapping, 8.2, 8.2, 8.2.3

modifying, A.5.6

opening, 8.4, 12.4

removing, 8.9, A.5.7, B.6.2, B.6.18

removing access, A.6.5, A.6.6, B.6.19

resetting passwords, 1.2, 8.6, 8.8.3, 9.2.3, 9.2.3

retrieving, A.5.9, B.5.8, B.6.7

searching, 4.3.5, 8.3, A.5.10, B.6.5, B.7.1

searching for assigned, B.6.6, B.7.2

searching for checkout history, A.5.11

securing shared, 2.4.2, 2.4.2.2

sharing, 2.4.2.2, 8.1.3, 8.1.3, 8.2.1

showing checked out, 12.6, A.5.5, B.6.11, B.7.3

showing passwords, 8.8.1

troubleshooting, C.3.3, C.3.11

updating, B.6.17

verifying, B.6.16

viewing passwords, 8.6

accounts, service

configuring, 6.2, 7.2

description, Glossary

reset password, B.5.11

show password, B.5.12, B.5.13

accounts, unattended, 1.2.1, 6.2, 7.1, 7.2, Glossary

activating

Password Policies, 9.2.4

Usage Policies, 9.3.4

adding

authenticators, 3.3.2

CSF map-keys, B.6.4

CSF mappings, 8.2.3

custom connectors, 15.3.2

custom plug-in attributes, A.7.2

custom plug-ins, 2.6

grantees, 8.2.2, B.6.3

identity providers, 17.2.2.3

new connectors, 15.3

OPAM server, 5.1.1, 5.2.1

OPSM server, 5.3.2

Password Policies, 9.2.4, A.3.1, B.4.3.3

plug-ins, 11.2, A.7.1, B.10.1

privileged accounts, 4.3.6, 8.2, 8.2, A.5.1, B.6.1

service accounts, 7.1

targets, 4.3.6, 6.1, 6.2, A.4.1, B.5.2, C.3.4

Usage Policies, 9.2.4, A.3.2, B.4.4.3

users and groups, 3.3.3.1.2

ADF

authentication, 2.2

definition/purpose, Glossary

Oracle Privileged Account Manager Console, 1.2.3

Admin Roles, Common, 2.3.1, 2.3.1

Administration accordion, 4.3.2

administrators

configuring OIM, 17.1.2.2

default, 2.3.1

agents, WebGate, 17.2

APIs, REST, B.1

application accounts

managing, 8.1

targets, 6.1

Application Configurator role

access rights, 2.3.1

assigning, 3.3.4

Application Development Framework, Oracle

See ADF

applications

configuring access to multiple, 17.2.2.4

default URLs, 3.1

deploying client, 2.2.1

roles, 2.3.1

storing credentials, 17.3.1

unattended, 1.2.2

writing custom, 1.2.3

architecture

diagram, 1.2.3

Oracle Privileged Account Manager server, 5.1.1

assigning policies, 9.2.5

attended accounts, 1.2.1

attributes

adding custom, A.7.2

removing custom, A.7.3

retrieving target, B.5.1

audit logs

default file location, 14.1.1

saving, 14.1.1

audit reports

configuring, 14.1.1.1, 14.1.1.1

default report types, 14.1.2

deploying, 14.1.1.3

example, 14.1.2

audit schema, 14.1.1.2

auditing

CSF content, 14.1.3

event types, 14.1

example audit report, 14.1.2

file-based, 14.1.1.1, 14.1.1.1

logging levels, 14.1.1.4

managing, 14

privileged accounts, 14.1

saving audit logs, 14.1.1

shared accounts, 2.4.2.2

authentication

ADF-based, 2.2

framework, 2.1

JAAS support, 1.2.3, 2.1

modes, 2.2

Oracle Privileged Account Manager command line tool client, 2.2.2

Oracle Privileged Account Manager server, 2.2.2

SAML-based token, 2.2

schema, 17.2.2.1

user, 2.2.1

authenticators, adding, 3.3.2

authorization

Common Admin Roles, 2.3

end users/enterprise users, 2.3.2

framework, 2.1

mapping users to Admin Roles, 2.3.1, 2.3.1

weblogic or bootstrap user, 2.3.1, 2.3.1

Auto-Detect URL, 5.3.3

automation.log, 3.3.3.1.1

---

B

back-end database, hardening, 2.4.6

backup and recovery

planning, 15.4.1

recovering data, 15.4.4

using Oracle Recovery Manager (RMAN), 15.4.4

basic logging, configuring, 14.2

BI Publisher

audit reports, 14.1.2

configuring connection to server, 14.1.1.3

deploying audit reports, 14.1.1.3

example audit report, 14.1.2

features, 1.2.1

BI_DOMAIN_HOME, setting, 3.1

bootstrap user, 2.3.1, Glossary

---

C

catalogs, 17.1.2.2

certificates

CA, retrieving, 17.1.2.5

SSL, importing, C.3.5

SSL, trusting, 15.1

channels, secure versus unsecure, 2.4.1.1

checking out

sessions, 8.5.2, 9.3.3, 9.3.4

checking out/in

accounts, 8.5.1

checkout date, 8.5.1

expiration date, 8.5.1

privileged accounts, 8.5.1, 8.5.2, 8.6, A.5.3, A.5.4, B.6.10, B.6.15

shared accounts, 2.4.2.2

troubleshooting, C.3.6

Checkout History Reports, 8.7, 13.5

checkouts, current, 8.5.1, 8.7

clients, third-party, 1.2.3

command line tool

adding Oracle Privileged Account Manager server, 5.1.1

authentication modes, 2.2, 2.2.2

command syntax, A.1.2

security, 2.2.2, 2.4.1.2

commands

idmConfigTool, 3.3.3.1.1

importing SSL certificates, 15.1

WLST, 17.2.2.4

Common Admin Roles, 2.3.1, 2.3.1

Configuration accordion, 4.3.4, 5.2.3.1, 5.3.2

configuration entry, A.2.1

configuration files

decrypting, A.8.2

encrypting, A.8.1

configuring

access to multiple applications, 17.2.2.4

audit reports, 14.1.1.1, 14.1.1.1

data sources, 14.1.1.3

external identity store, 3.3.2

identity store, 3.3.3.1.2

OIM administrators, 17.1.2.2

Oracle HTTP Server, 17.2.2.2

Oracle Internet Directory authenticator, 3.3.2

plug-ins, 11.3

shared accounts, 8.2.1

connecting to

Oracle Privileged Account Manager server, C.3.1

Oracle Privileged Session Manager, 5.3.2

connectors

adding new, 15.3

bundle location, 3.2.2

connecting to target systems, 2.4.1.1

custom, 1.2.3

deploying, 3.2

description, 3.2, 3.2

developing ICF-compliant, 3.2.1

Identity Connector FrameWork, 1.2.1

installing, 3.2

LDAP, 17.1.1

opam-config.xml file, 3.2.3, 15.3.1, 15.3.2

opam-config.xsd file, 3.2.3, 3.2.3, 15.3.2, 15.3.2

shipped with Oracle Privileged Account Manager, 3.2.1

storing, 3.2.2

supported database types, 6.2.1

writing, 3.2.1

Console

description, 1.2.3

securing, 2.4.1.2

troubleshooting issues, C.3.2

user authentication, 2.2.1

Control Flag attributes, 3.3.2

creating

Password Policies, 9.2.4, B.4.3.3

plug-in configurations, 11.3

schema, 14.1.1.2, Glossary

service accounts, 7.2

Usage Policies, 9.3.4, B.4.4.3

users/groups in identity store, 3.3.3.1.2

Credential Store Framework

See CSF.

credentials

managing application, 17.3.4

provisioning through Oracle Privileged Account Manager, 17.3.2

starting servers, 3.3.1

storing, 8.2.3, 17.3.1, 17.3.1

using CSF, 17.3.1

CSF

account mapping, 8.2, 8.2, 8.2.3, 17.3.2

adding/removing map-keys, B.6.4

definition/purpose, Glossary

enabling auditing, 14.1.3

integration with, 17.3

Current Checkouts table, 8.5.1, 8.7

custom applications, writing, 1.2.3

custom attributes, plug-in, A.7.2, A.7.3

custom code, security, 2.6

custom connectors

adding, 15.3.2

using, 1.2.3

custom keystores, 15.1

custom plug-ins

adding, 2.6

customizing pages, 15.6

---

D

data

exporting, A.8.1

importing, A.8.3

data encryption, using, 2.4.6, 15.2, C.3.12

data sources

configuring, 14.1.1.3

defining JDBC, 14.1.1.3

data store, RDBMS, 2.4.6

data, purging, 15.4.4

databases, hardening back-end, 2.4.6

decrypting encrypted configuration files, A.8.2

default

administrator, 2.3.1

audit report types, 14.1.2

password requirements, setting, 9.2.3

ports, 3.1, A.1.1

URLs, 3.1, 3.1

Default Password Policy, 8.2.1, 9.1

Default Usage Policy, 9.1

defining

JDBC connections and data sources, 14.1.1.3, 14.1.1.3

policies, 2.1

roles, 2.1

deleting

grantees, 10.6

Password Policies, B.4.3.5

plug-in configurations, 11.6

plug-ins, B.10.6

policies, 9.2.6, 9.3.6

Usage Policies, B.4.4.5

deploying

audit reports in BI Publisher, 14.1.1.3

client applications, 2.2.1

connectors, 3.2, 15.3.2

Oracle Privileged Account Manager in Oracle Fusion Middleware, 1.3

Deployment Reports, 13.2

diagnosing problems, C.2

diagnostic logs, 14.2, 14.2

disabling

Password Policies, 9.2.4

Usage Policies, 9.3.4

displaying

checked out accounts, A.5.5, B.6.11, B.7.3

group listing, A.6.1

privileged accounts list, A.5.2

target listing, A.4.2

user listing, A.6.2

domain identity store, using Oracle Virtual Directory, 3.3.2

DOMAIN_HOME, 14.1.1, Glossary

DOMAIN_HOME, setting, 3.1

duration, password, 9.2.3

---

E

encrypting configuration files, A.8.1

end users

privileges, 2.3.2, C.3.10

enterprise roles

populating resource catalog, 17.1.1

entitlements

populating resource catalog, 17.1.1

requesting access, 17.1.2.2

environments, moving from test to production, 15.5

executing plug-ins, 3.4, 11.2.7, 11.3, 11.3, 11.3, A.7.1

exporting

troubleshooting, C.3.9

exporting data, A.8.1

extending, schema in Oracle Internet Directory, 3.3.3.1.1

external identity store, configuring, 3.3.2

---

F

Failure Reports, 13.4

file-based auditing, configuring, 14.1.1.1, 14.1.1.1

files

audit logs, 14.1.1

connector bundles, 3.2.2

mod_wl_ohs.conf file, 17.2.2.2

opam_product_BIP11gReports_11_1_2_1_0.zip, 14.1.1.3

opam-config.xml file, 3.2.3, 15.3.1, 15.3.2

opam-config.xsd file, 3.2.3, 3.2.3, 15.3.2, 15.3.2

Repository Creation Utility zip, 14.1.1.2

filtering rules, plug-in, 11.3, A.7.1

firecall requests, 17.1.2.2

forcing check-ins, 8.6

framework

ADF, Glossary

authentication and authorization, 2

CSF, 8.2, 17.3

ICF, 1.2, 1.2.1, 3.2, 8.1.2

Oracle Privileged Account Manager, 2

plug-in, Preface, 2.6, 8.1.2, 11.2.1, 11.2.1, 11.2.6, 16.1

---

G

generating audit reports, 14.1.1.1, 14.1.1.1

generic logs, default location, 14.2, 14.2

grantees

adding to privileged accounts, 8.2.2

avoiding multiple grant paths, 2.4.4

granting accounts, 10.2, 10.3, A.6.3, B.6.3

opening, 10.5

removing, 8.2.2, 10.6

retrieving, A.6.7, B.6.8

searching, 10.4

troubleshooting, C.3.10

groups

creating in identity store, 3.3.3.1.2

display listing, A.6.1

granting accounts, 10.3

retrieving, B.9.1, B.9.2, B.9.3, B.9.4

retrieving information, A.6.8

searching, A.6.10, B.9.5

---

H

Home accordion, 4.3.1

HTTP Basic-Authorization, 2.2, 2.2.2

---

I

IAM_HOME, setting, 3.1

ICF

description, Glossary

developing compliant connectors, 3.2.1

framework, 3.2

integration with, 1.2.1

managing application accounts, 8.1.2

password management, 1.2

Identity Connector FrameWork

See ICF.

identity propagation, 2.2.1, Glossary

identity providers, adding, 17.2.2.3

identity store

configuring, 3.3.2, 3.3.3.1.2

creating users/groups, 3.3.3.1.2

Oracle Internet Directory, 3.3.2, 17.2.1

Oracle Virtual Directory, 3.3.2

preparing, 3.3.3.1

seeding, 3.3.3.1.2

identity store, OPSS, 1.3

idmConfigTool command, 3.3.3.1.1

importing

data, A.8.3

SSL certificates, 15.1

troubleshooting, C.3.9

integrating with

CSF, 17.3

Oracle Access Management Access Manager, 17.2

Oracle Identity Manager, 17.1.1

Oracle Identity Manager workflows, 17.1.1

Oracle technologies, 1.2.1

interfaces

Oracle Privileged Account Manager, 1.2.3

securing, 2.4.1.2

---

J

JAAS authentication support, 1.2.3, 2.1

jar files, connector, 3.2.2

JAVA_HOME, setting, 3.1

JavaScript Object Notation

See JSON.

JDBC connections and data sources, 14.1.1.3

JSON Representations

description, Glossary

Oracle Privileged Account Manager architecture, 1.2.3

RESTful APIs, B

---

K

key sizes, troubleshooting, C.3.9, C.3.13.1

keystores

custom, 15.1

---

L

LDAP connectors, 17.1.1

LDAP groups, 17.1.2.4

ldifmigrator, Glossary

Listener ports, 5.3.3

loading audit schema, 14.1.1.2

lockbox targets, 6.1, 6.2.3, 7.3.1, 7.3.3, A.4.5, A.4.8, Glossary

logging

audit logger, 14.1

audit logs location, 14.1.1

configuring basic, 14.2

diagnosing problems, C.2.1

exceptions, C.2.2

generic logger, 14.2

generic logs location, 14.2, 14.2

setting audit logging levels, 14.1.1.4

Login page, rebranding, 15.6

logs

default locations, 14.2, 14.2

diagnostic, C.2.2

generic, 14.2, 14.2

idmConfigTool automation.log, 3.3.3.1.1

specifying name/location, A.8.1

---

M

managing

account credentials, 17.3.1

application credentials, 17.3.4

Oracle Privileged Account Manager audit logging, 14

passwords, 1.2, 8.8

server properties, A.2.1

managing passwords, 8.8.1

map-keys, CSF, B.6.4

mapping, CSF, 8.2, 8.2.3, 17.3.2

mod_wl_ohs.conf file, 17.2.2.2

modifying

Default Password Policy, 9.2.3

Default Usage Policy, 9.3.3

OPAM Global Config configuration entry, A.2.3

Password Policies, A.3.3, B.4.3.2

plug-ins, A.7.6, B.10.5

policies, 9.1, B.4.4.2

privileged accounts, A.5.6

targets, A.4.3

Usage Policies, A.3.4

multiple grant paths,avoiding, 2.4.4

MW_HOME, setting, 3.1

---

N

network channel, securing, 2.4.1

---

O

obfuscation, 2.4.6

OPAM Global Config configuration entry, 5.2.3, A.2.3

OPAM Service Account, 1.2.1, 7.1

OPAM service account, 1.2.1

description, 1.2.1

managing passwords, 6.5, B.5.12, B.5.13

OPAM service accounts

creating, 7.2

description, 7.1

managing passwords, 7.3

opam_product_BIP11gReports_11_1_2_1_0.zip file, 14.1.1.3

opam-config.xml file, 3.2.3, 15.3.1, 15.3.2

opam-config.xsd file, 3.2.3, 3.2.3, 15.3.2, 15.3.2

opening

grantees, 10.5

plug-ins, 11.5

policies, 9.2.2, 9.3.2

privileged accounts, 8.4, 12.4

targets, 6.4

OPSS

description, Glossary

identity store, 1.3

Policy Store, 1.2.1

providing authentication, 2.2.1

security store, 1.3

Trust Service, 1.2.1

OPSS Trust Service, 2.2.1, Glossary

OPSS-Trust Service Assertions, 2.2

OPSS-Trust tokens, 2.1

Oracle Access Management Access Manager

integration with, 17.2

Oracle Application Development Framework

See ADF.

Oracle Database

backup and recovery, 15.4.1

connecting to, 3.2, C.3.4.1

Oracle Database TDE mode

disabling

from the command line, A.2.3

from the Console, 5.2.3.1

using REST API, B.3.1.1

enabling

from the command line, 15.2.1.3, A.2.3

from the Console, 5.2.3.1

using REST API, B.3.1.1

securing OPAM database, 15.2, 15.2, C.3.12, C.3.12

Oracle Fusion Middleware

deploying Oracle Privileged Account Manager, 1.3

Oracle Fusion Middleware Audit Framework, 1.2.1

Oracle HTTP Server

configuring, 17.2.2.2

using for Single Sign On, 17.2.2

Oracle Identity Manager

CA certificate, OPAM, 17.1.2.5

configuring administrators, 17.1.2.2

enterprise roles, 17.1.1

entitlements, 17.1.1, 17.1.2.2

integration, 17.1.1, 17.1.1

resource catalog, 17.1.1

rules, 17.1.2.2

workflow support, 17.1.1

Oracle Internet Directory

configuring authenticator, 3.3.2

Data Migration Tool (ldifmigrator), Glossary

identity store, 3.3.2, 17.2.1

Oracle Platform Security Services

See OPSS

Oracle Privileged Account Manager

architecture and topology, 1.2.3

command syntax, A.1.2

default connectors, 3.2.1

interfaces, 1.2.3

Managed Server, starting, 3.3.1

securing, 2.4

Oracle Privileged Account Manager Console

about, 1.2.3

adding Oracle Privileged Account Manager server, 5.1.1

ADF, 1.2.3

securing, 2.4.1.2

Oracle Privileged Account Manager server

architecture, 5.1.1

authentication, 2.2.2

connecting to, C.3.1

Oracle Privileged Session Manager

configuring a connection, 5.3.2

managing, 5.3

Oracle Recovery Manager

See RMAN., 15.4.1, 15.4.4

Oracle Virtual Directory

identity store, 3.3.2

sample output from idmConfigTool, 3.3.3.1.1

using as domain identity store, 3.3.2

using non-OID directories, 3.3.3.1.1

ORACLE_HOME, setting, 3.1

---

P

packet sniffing, 2.4.1.1

pages, rebranding, 15.6

Password Complexity Rules, 9.2.3

password history, viewing, 7.3.2

Password Policies

activating, 9.2.4

adding, A.3.1

assigning to accounts, 9.2.5

creating, 9.2.4, B.4.3.3

deleting, B.4.3.5

description/purpose, 9.1

disabling, 9.2.4

modifying, 9.1, 9.2.3, A.3.3

removing, A.3.5

resetting passwords, 8.8.3, 9.2.3, 9.2.3

retrieving, B.4.3.1

searching, 9.2.1, 9.3.1

specifying password durations, 9.2.3

updating, B.4.3.2

Password Policy, Default, 8.2.1

Password Rollover, 7.3.4

password rollover, 7.3.4

passwords

defining requirements, 9.2.3

managing, 1.2, 8.8

privileged, 1.2

propagating, 2.4.1

resetting, 2.4.3, 7.3.3, 7.3.3, 8.8.3, A.4.5, A.4.5, A.5.8, B.5.11, B.6.24

resetting automatically, 1.2, 9.2.3

resetting manually, 8.8.3, 9.2.3

rollover, 7.3.4

service account, B.5.11, B.5.12, B.5.13

service accounts, 7.3

showing, 7.3.1, 7.3.1, 8.8.1, 12.8, A.4.8, A.4.8, A.4.9, A.5.12, B.5.12, B.5.13, B.6.20, B.6.21

showing history, 7.3.2, 8.8.2, A.5.13, B.6.22, B.6.23

specifying duration period, 9.2.3

storing, 1.2

viewing password history, 4.3.6

viewing password reset history, A.4.9

Pattern fields, using, 4.3.5, 8.7

plug-in

filtering rules, 11.3, A.7.1

plug-in framework, Preface, 2.6, 8.1.2, 11.2.1, 11.2.1, 11.2.6, 16.1

plug-ins, B.10.4

adding, A.7.1, B.10.1

adding custom, 2.6

adding custom attributes, A.7.2

creating configurations, 11.3

deleting configurations, 11.6

executing, 3.4, 11.2.7, 11.3, 11.3, 11.3

modifying, A.7.6, B.10.5

opening, 11.5

overview, 11.1

post-operation, 11.2.7.2

pre-operation, 11.2.7.1

removing, A.7.7, B.10.6

removing custom attributes, A.7.3

required Admin Roles, 2.6

retrieving information, A.7.4

searching for, 11.4, A.7.5, B.10.3

verifying, B.10.2

policies

adding, A.3.1, A.3.2

assigning to accounts, 9.2.5

creating, 9.2.4, 9.3.4, B.4.3.3, B.4.4.3

default, 8.2.1

defining, 2.1

deleting, 9.2.6, 9.3.6, B.4.3.5, B.4.4.5

description/purpose, 9.1

disabling, 9.2.4, 9.3.4

getting default, B.4.2

making active, 9.2.4, 9.3.4

modifying, 9.2.3, 9.3.3

opening, 9.2.2, 9.3.2

retrieving, A.3.7, A.3.8, B.4.3.1, B.4.4.1

searching, 9.2.1, 9.3.1

searching for, B.4.1, B.4.1

types, 9.1

updating, B.4.3.2, B.4.4.2

verifying, 9.2.5, 9.2.5

viewing, 9.2.2, 9.3.2

Policy Store, OPSS, 1.2.1

ports

default, 3.1, A.1.1

Listener, 5.3.3

SSL, 5.1.1, A.1.1

post-operation plug-ins, 11.2.7.2

pre-operation plug-ins, 11.2.7.1

privileged accounts

access rights, 2.3.1, 2.3.2

adding, 8.2

administration roles, 2.3.1

assigning policies, 9.2.5

auditing, 14.1

checking out/in, 8.5.1, 8.5.2, 8.6

deployment report, 4.3.3

description, 1.1, 8.1

display listing, A.5.2

granting to groups, 10.3

granting to users, 10.2

managing, 8.1

mapping, 8.2, 8.2, 8.2.3

opening, 8.4, 12.4

removing, A.5.7

removing from target, 8.9

removing group access, A.6.5

resetting passwords, 1.2, 8.8.3, 9.2.3

searching, 4.3.5, 8.3

searching for, A.5.10

searching for checkout history, A.5.11

securing shared, 2.4.2

sharing, 8.1.3, 8.1.3, 8.2.1

showing checked out, 12.6, A.5.5, B.6.11, B.7.3

showing passwords, 8.8.1

viewing your accounts, 8.5.2, 12.2

privileged passwords, 1.2

privileged sessions

checking out, 8.5.2, 9.3.3, 9.3.4

recordings, 8.7

privileges

administrators, 2.3.1

end users, 2.3.2

service accounts, 7.1

troubleshooting, C.3.10

propagating passwords, 2.4.1

propagation, identity, 2.2.1

properties

Session Manager, 5.3.3

protocol mappings, Listener, 5.3.3

provisioning

credentials, 17.3.2

process diagram, 17.3.2

purging data, 15.4.4

---

R

RDBMS data store, 2.4.6

rebranding pages, 15.6

recordings

purging session, 15.4.4

recovering session, 15.4.4

troubleshooting, C.3.13.1

viewing session, 8.7

registered accounts, retrieving, B.5.9

removing

accounts from targets, 8.9

CSF map-keys, B.6.4

custom plug-in attributes, A.7.3

grantees, 10.6, A.6.5, A.6.6

Password Policies, A.3.5

plug-ins, A.7.7, B.10.6

policies, B.4.3.5, B.4.4.5

privileged accounts, A.5.7, B.6.2, B.6.18

required Admin Role, 2.3.1

targets, 6.6, A.4.4, B.5.6

Usage Policies, A.3.6

removing grantees, 8.2.2

reporting

BI Publisher, 14.1.2

example audit report, 14.1.2

reports

audit, 14.1.1.3

Checkout History, 8.7, 13.5

configuring, 14.1.1.1, 14.1.1.1

default audit, 14.1.2

Deployment, 13.2

example audit, 14.1.2

Failure, 13.4

Usage, 13.3

viewing, 13.1

Reports accordion, 4.3.3

Repository Creation Utility, 14.1.1.2, Glossary

Representational state transfer service

See REST (Restful).

resetting passwords, 1.2, 2.4.3, 8.8.3, 8.8.3, 9.2.3, A.4.5, A.5.8, B.5.11, B.6.24

resource catalog, 17.1.1

REST (RESTful)

definition/purpose, Glossary

interface, B.1

service, 1.2.3

retrieving, B.10.4

available accounts, B.5.8

grantees, A.6.7, B.6.8

group information, A.6.8

groups, B.9.1, B.9.2, B.9.3, B.9.4

Password Policies, B.4.3.1

plug-in information, A.7.4

plug-ins, B.10.4

policies, A.3.7, A.3.8

privileged accounts, A.5.9, B.6.7

registered accounts, B.5.9

target types, B.5.10

targets, A.4.6, B.5.4

Usage Policies, B.4.4.1

users, A.6.9, B.6.9, B.8.1, B.8.2

retrieving target attributes, B.5.1

RMAN

backup and recovery, 15.4.1

recovering session recording data, 15.4.4

roles

administration, 2.3.1

application, 2.3.1

Application Configurator, 2.3.1

defining, 2.1

enterprise, 17.1.2.4

Security Administrator, 2.3.1

User Manager, 2.3.1

rollover, password, 6.2.1, 6.2.4, A.4.1.2, A.4.1.3

rules, configuring OIM, 17.1.2.2

---

S

SAML, definition/purpose, Glossary

SAML-based token authentication, 2.2, 5.1.1

saving audit logs, 14.1.1

schema

authentication, 17.2.2.1

creating, 14.1.1.2, Glossary

extending in Oracle Internet Directory, 3.3.3.1.1

for opam-config.xml, 3.2.3

loading, 14.1.1.2

validating, 15.3.2

Search Results tables, using, 4.3.6

searching

for account checkout history, A.5.11

for assigned accounts, B.6.6, B.7.2

for grantees, 10.4

for groups, A.6.10, B.9.5

for plug-ins, 11.4, A.7.5, B.10.3

for policies, 9.2.1, 9.3.1, B.4.1, B.4.1

for privileged accounts, 4.3.5, 8.3, A.5.10, B.6.5, B.7.1

for targets, 6.3, A.4.7, B.5.7

for users, A.6.11, B.8.3, B.8.4

using wildcards, 4.3.5

securing

command line tool, 2.2.2, 2.4.1.2

Console, 2.4.1.2

custom code, 2.6

network channel, 2.4.1

Oracle Privileged Account Manager, 2.4

shared accounts, 2.4.2, 2.4.2.3

Security Administrator role, 2.3.1

security store, OPSS, 1.3

seeding users/groups, 3.3.3.1.2

self-service, 3.5, 12.1

servers

adding OPAM, 5.1.1, 5.2.1

adding OPSM, 5.3.2

BI Publisher, 14.1.1.3

connecting to Oracle Privileged Account Manager server, C.3.1

connecting to Oracle Privileged Session Manager, 5.3.2

managing properties, A.2.1

Oracle Privileged Account Manager architecture diagram, 5.1.1

starting, 3.3.1

status, A.2.2

service accounts

adding, 7.1

configuring, 6.2, 7.2

creating, 7.2, 7.2

description, 1.2.1, 1.2.1, 7.1, 7.1, Glossary

enabling password rollover, 6.2.1, 6.2.4, A.4.1.2, A.4.1.3

managing passwords, 6.5, 7.3, 7.3, B.5.12, B.5.13

privileges, 7.1, 7.1

resetting passwords, 7.3.3, A.4.5, B.5.11

showing passwords, 7.3.1, A.4.8, A.4.9, B.5.12, B.5.13

Session Manager

configuring properties, 5.3.3

session recordings

recovering, 15.4.4

sessions

checking out, 8.5.2, 9.3.3, 9.3.4

recordings, 8.7

troubleshooting, C.3.13.1

shared accounts

auditing, 2.4.2.2

configuring, 8.2.1

description, 2.4.2, 8.1.3

limitations, 8.1.3

securing, 2.4.2.2

security limitations, 2.4.2.2

showing password history, 4.3.6, 7.3.2, 8.8.2, A.5.13, B.6.22, B.6.23

showing password reset history, A.4.9

showing passwords, 8.8.1, 12.8, A.4.8, A.5.12, B.5.12, B.5.13, B.6.20, B.6.21

SSL

communication, 1.2.3, 2.2.2

default ports, 5.1.1, A.1.1

importing certificates, 15.1

specifying endpoint, 5.1.1, A.1.1

specifying the port, 5.2.2

using, 2.2, 2.4.6, 5.1.1, A.1.1

SSO

enabling, 17.2.2

starting

Oracle Privileged Account Manager Managed Server, 3.3.1

WebLogic Admin Server, 3.3.1

status

OPAM instance, A.2.2

storing

connectors, 3.2.2

credentials, 8.2.3, 17.3.1

CSF mappings, 17.3.2

passwords, 1.2

system accounts

managing, 8.1

targets, 6.1

systems, connecting to target, 2.4.1.1

---

T

target GUID

adding accounts, A.5.1

modifying targets, A.4.3

removing targets, A.4.4

retrieving targets, A.4.6

target service accounts, 7.3.1, 7.3.3, A.4.5, A.4.8, A.4.9

target types

lockbox, 6.1, 6.2.3, 7.3.1, 7.3.3, A.4.5, A.4.8, Glossary

retrieving, B.5.10

targets

adding, 4.3.6, 6.1, 6.2, A.4.1, B.5.2

connecting to, 2.4.1.1, C.3.3

display listing, A.4.2

lockbox, 6.1, 6.2.3, 7.3.1, 7.3.3, A.4.5, A.4.8, Glossary

modifying, A.4.3

opening, 6.4

removing, 6.6, A.4.4, B.5.6

removing accounts, 8.9

retrieving, A.4.6, B.5.4

searching for, 6.3, A.4.7, B.5.7

troubleshooting, C.3.3, C.3.4, C.3.5, C.3.11

updating, B.5.5

verifying, B.5.3

TDE mode

disabling

from the command line, A.2.3

from the Console, 5.2.3.1

using REST API, B.3.1.1

enabling, 5.2.3.1

from the command line, 15.2.1.3, A.2.3

from the Console, 5.2.3.1

using REST API, B.3.1.1

securing OPAM database, 2.4.6, 15.2, C.3.12

troubleshooting, C.3.12

test to production, moving components from, 15.5

third-party clients, 1.2.3

tokens, OPSS Trust, 2.1

topology and architecture diagram, 1.2.3

Transparent Data Encryption mode

See TDE mode.

troubleshooting common problems, C

Trust Service, OPSS, 1.2.1

---

U

unattended

accounts, 1.2.1

applications, 1.2.2

unattended accounts, 7.1

unsecure channels, 2.4.1.1

unshared accounts, 2.4.2

updating

accounts, B.6.17

Password Policies, B.4.3.2

targets, B.5.5

Usage Policies, B.4.4.2

URIs, B.1

URLs, default application, 3.1

Usage Policies

activating, 9.3.4

adding, A.3.2

assigning to accounts, 9.2.5

creating, 9.3.4, B.4.4.3

deleting, B.4.4.5

description/purpose, 9.1

disabling, 9.3.4

modifying, 9.1, 9.3.3, A.3.4

removing, A.3.6

retrieving, B.4.4.1

searching, 9.2.1, 9.3.1

updating, B.4.4.2

Usage Reports, 13.3

user authentication, 2.2.1

User Manager role, 2.3.1

users

bootstrap, 2.3.1, Glossary

creating in identity store, 3.3.3.1.2

display listing, A.6.2

granting accounts, 10.2, B.6.3

removing access, A.6.6, B.6.19

retrieving, A.6.9, B.6.9, B.8.1, B.8.2

searching for, A.6.11, B.8.3, B.8.4

self-service, 3.5, 12.1

sharing accounts, 2.4.2.1, 9.3.3

utilities, Repository Creation Utility, 14.1.1.2

---

V

validating opam-config.xml, 15.3.2

verifying

OID configuration, 3.3.2

plug-in configurations, B.10.2

policies, 9.2.5, 9.2.5

privileged accounts, B.6.16

targets, B.5.3

viewing

accounts, 4.3.1

policies, 9.2.2, 9.3.2

reports, 13.1

your accounts, 8.5.2, 12.2

viewing passwords, 8.8.1

---

W

WebGate agents, 17.2

WebLogic

SSL port, 5.1.1, A.1.1

starting Admin Server, 3.3.1

weblogic user, 2.3.1

wildcards, in searches, 4.3.5

WLST commands, 17.2.2.4

workflows

administrator, 3.4

integrating with Oracle Identity Manager, 17.1.1

Oracle Identity Manager support, 17.1.1

self-service, 3.5, 12.1