Oracle® Access Manager Deployment Guide 10g (10.1.4.0.1) Part Number B25344-01
You can change basic components that you specified during Oracle Access Manager installation, such as the person object class or the directory server host. This chapter describes system-level reconfiguration.
This chapter includes the following topics:
What Can Be Reconfigured
There are a number of basic system components that can be reconfigured:
You can configure Oracle Access Manager against a different directory server (for configuration or policy data).
You can specify a new person or group object class.
You can change the class attribute for the person or group object class.
You can reconfigure the following characteristics of the directory:
The host name
Port number
Domain name
Root DN
Root password
Configuration DN
Searchbase
During installation, data that you specify is written to a number of areas, including the following:
setup.xml
configInfo.xml
ois_server_config.xml
The directory server
The following procedure describes how to reconfigure Oracle Access Manager so that it works properly after you make any of the changes described in "What Can Be Reconfigured".
To update the system configuration
1. Shut down the Web server that runs the WebPass.
2. Stop the Identity Server Service.
3. Back up your directory configuration data by exporting it to an LDIF file.
4. Rename the following file to ensure that you have a backup copy:
   Identity_Server_install_dir/identity/oblix/config/ois_server_config.xml.bak
5. From the directory that you navigated to in the preceding step, back up and then delete the following files:
   setup.xml
   configInfo.xml
   ois_server_config.xml
6. Copy the file ois_server_config.bak to ois_server_config.xml.
   This action allows you to change the configuration settings when you rerun the setup program later in this procedure. It causes the Identity Server to retrieve settings from ois_server_config.xml during setup instead of retrieving the settings from the directory. The information in ois_server_config.xml is migrated to the directory when the Identity Server is restarted.
7. In the branch of the directory where your policies are stored, locate the WebResrcDB container.
8. In the WebResrcDB container, delete the following entries:
   The entry for WebPass.
      The cn for this entry is the ID that you supplied when installing WebPass. Example: wp1_50.
   The entry for the Identity Server.
      The cn for this entry is the ID that you supplied when installing the Identity Server. Example: ois1_50.
   The entry with a timestamp for its ID.
      Example: 20010815T16221897. This entry connects the WebPass and Identity Server components.
9. In the branch of the directory where your policies are stored, locate the DBAgents container and delete all entries under this container.
10. Restart the Identity Server Service.
11. Restart the Web server that runs the WebPass.
12. From your browser, access the Identity System Console:
    http://server:port/identity/oblix/
13. Rerun the setup program, as described in the following procedure for the Identity System, and change any settings that you want to change.
    The setup program displays the information that was previously configured for Oracle Access Manager. You can change the configuration information as needed when you rerun setup.
    See the Oracle Access Manager Identity and Common Administration Guide for details on rerunning setup for the Access System.
14. Restart the Identity Server.
    The information in ois_server_config.xml (the server name, port, administrator DN, password, searchbase, and configuration base) is migrated back to the directory and the information in the config.xml file is deleted.
To rerun Identity System setup
1. Shut down all but one Identity Server if there is more than one running.
2. On the host of the one Identity Server that is still running, open the setup.xml file:
   IdentityServer_install_dir/identity/oblix/config/setup.xml
3. Remove the status parameter, or change the status parameter value from "done" to "incomplete". For example:
   <NameValPair ParamName="status" Value="incomplete"></NameValPair>
4. Save the file.
5. Restart the Identity Server.
6. From your Web browser, launch the Identity System Console.
   You will see a Setup page similar to the one that appears during the initial Identity System setup.
7. Initiate setup again and specify the new information.
8. After completing the setup, restart the other Identity Servers.
   The other Identity Servers should pick up the new information.
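Both procedures leave security-relevant state in the config directory: a status value other than "done" makes the Setup page available again, and backup copies of ois_server_config.xml carry the administrator DN and password. The following check is an added example, not Oracle code; it assumes a Unix host with POSIX file modes, and the function names and the ValNameList wrapper in the sample are hypothetical.

```python
import os, stat, tempfile
import xml.etree.ElementTree as ET

# Stems of the files the chapter names as holding installation data; copies
# such as ois_server_config.xml.bak share them.
STEMS = ("setup.", "configInfo.", "ois_server_config.")

def setup_status(config_dir):
    """Return the Value of the status parameter in setup.xml, or None if absent."""
    tree = ET.parse(os.path.join(config_dir, "setup.xml"))
    for pair in tree.iter("NameValPair"):
        if pair.get("ParamName") == "status":
            return pair.get("Value")
    return None

def audit(config_dir):
    """Return findings a reconfiguration may have left in one config directory."""
    findings = []
    status = setup_status(config_dir)
    if status != "done":  # removed or "incomplete": setup page is offered again
        findings.append(f"setup.xml status is {status!r}: setup can be rerun")
    for name in sorted(os.listdir(config_dir)):
        if not name.startswith(STEMS):
            continue
        mode = stat.S_IMODE(os.stat(os.path.join(config_dir, name)).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append(f"{name} is accessible beyond its owner (mode {mode:o})")
    return findings

def build_sample(status, backup_mode):
    """Create a constructed config directory (sample data, not a real install)."""
    d = tempfile.mkdtemp()
    # The ValNameList wrapper is an assumption; the NameValPair is from the page.
    xml = ('<ValNameList ListName="setup">'
           f'<NameValPair ParamName="status" Value="{status}"></NameValPair>'
           '</ValNameList>')
    for name, mode in (("setup.xml", 0o600), ("ois_server_config.xml.bak", backup_mode)):
        path = os.path.join(d, name)
        with open(path, "w") as fh:
            fh.write(xml)
        os.chmod(path, mode)
    return d

if __name__ == "__main__":
    for finding in audit(build_sample("incomplete", 0o644)):
        print(finding)
```

Run audit() against IdentityServer_install_dir/identity/oblix/config on each Identity Server once setup has been completed and the servers restarted; an empty list means status is "done" and no configuration copy is readable beyond its owner.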