Skip Headers
Oracle® Application Server Release Notes
10
g
(10.1.4) for Linux x86
Part Number B28193-08
Home
Book List
Index
Master Index
Contact Us
Next
View PDF
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
What's New in the
Oracle Application Server Release Notes
?
2
Introduction
2.1
Latest Release Information
2.2
Purpose of this Document
2.3
Operating System Requirements
2.4
Multiple Versions of Identity Management in this Release
2.5
Certification Information
2.6
Licensing Information
3
Installation and Upgrade Issues
3.1
Installation Issues
3.1.1
Workaround if HTTP Server Configuration Assistant Fails
3.1.2
IPv6 Not Supported
3.1.3
Create Symbolic Links Before Installing Oracle Metadata Repository Creation Assistant on Red Hat Enterprise Linux AS/ES 4.0
3.1.4
Unique Global Database Name Required During Installation
3.1.5
Do Not Use Turkish Locale During Installation
3.1.6
Oracle Application Server Repository Creation Assistant Fails During Loading When the Database Uses Certain Chinese Character Sets
3.1.7
OracleAS Cold Failover Cluster: Additional Configuration Steps for Oracle Delegated Administration Services
3.1.8
Oracle Internet Directory SSL Connection Fail Intermittently
3.1.9
Incorrect Location for Debug Message
3.1.10
Illegible or Garbage Characters Output in a Russian Locale
3.1.11
Application Server Control Console Link Not Operational in non-English Installations
3.1.12
Set the NLS Parameter Before Installing
3.1.13
Excessive Privileges for OracleAS Metadata Repository Installations
3.1.14
Incorrect Guidelines for Online Help
3.1.15
OIDCA Fails Due to Misconfiguration in /etc/hosts
3.1.16
DB Console of Infrastructure IM+MR Cannot be Started
3.2
Upgrade Issues
3.2.1
Clarification of When to Run the Metadata Repository Upgrade Assistant
3.2.2
Upgrade of Identity Management Installation to 10.1.4.0.1
3.2.3
Additional Step Required When Upgrading OracleAS Metadata Repository Release 9.0.4.3 to 10.1.4.0.1
3.2.4
Configuring Port Values for the Load Balancer and Oracle Internet Directory When Upgrading Oracle Application Server Cluster (Identity Management)
3.2.5
Harmless Error Messages During OracleAS Metadata Repository Upgrade
3.2.6
Metadata Repository Container Version
3.2.7
Issues When Using the ldifwrite Command to Back Up the Oracle Internet Directory
3.2.8
Upgrade of OracleAS Cold Failover Clusters Fails While Running Configuration Assistant
3.3
Documentation Errata
3.3.1
Possible Error Message When Decommissioning a 10.1.4.0.1 Oracle Home After Upgrade
3.3.2
Incorrect Line Breaks in MRUA Sample Output
3.3.3
Incorrect Global Database Naming Standard
3.3.4
Incorrect Table Title in the Installation Guide
4
General Management and Security Issues
4.1
General Management Issues
4.1.1
Modifying targets.xml After Enabling SSL for Oracle Identity Management 10g (10.1.4.0.1)
4.1.2
Changing the IP Address of a Metadata Repository Created with Oracle Application Server Repository Creation Assistant
4.1.3
Oracle Enterprise Manager Grid Control Does not Display all Integration Profiles
4.1.4
Additional Information for Changing Hostname for Identity Management Installations
4.2
Documentation Errata
4.2.1
References to OracleAS Web Cache and OracleAS Portal in the Application Server Control Console Online Help
5
High Availability
5.1
General Issues and Workarounds
5.1.1
Upgrade to OracleAS Guard Release 10.1.2.2.1
5.1.2
Problem Performing a Clone Instance or Clone Topology Operation
5.1.3
OracleAS Guard Release 10.1.2.1.1 Cannot Be Used with Oracle RAC Databases
5.1.4
OracleAS Guard Returned an Inappropriate Message When It Could Not Find the User Specified Database Identifier
5.2
Configuration Issues and Workarounds
5.2.1
The asgctl shutdown topology Command Does Not Shut Down an MRCA Database That is Detected To Be of a repCa Type Database
5.2.2
Database SIDs Must be the Same for Database Peers at Primary and Standby Sites
5.2.3
Use All Uppercase Characters for Database Initialization Parameters to Avoid Instantiate and Sync Problems
5.2.4
Use the Same Port for ASG on the Production and Standby Sites to Avoid clone instance Operation Problems
5.2.5
Use Fully Qualified Path Names with the add instance Command
5.2.6
ASG Cloning is Not Supported when the Number of Oracle Homes is Different at the Primary and Standby Hosts
5.2.7
Entries in TNSNAMES.ORA File that Lack Domain Names Cause Disaster Recovery Problems
5.3
Documentation Errata and Omissions
5.3.1
Availability of a Previously Undocumented asgctl Command: create standby database
5.3.2
Connecting to an OracleAS Guard Server May Return an Authentication Error
5.3.3
All emagents Must Be Shut Down Before Performing OracleAS Guard Operations
5.3.4
Procedure to Patch a 10.1.2.0.0 Disaster Recovery Setup with a 10.1.2.1.0 Patchset
5.3.5
Running Instantiate Topology Across Nodes After Executing a Failover Operation Results in an ORA-01665 Error
5.3.6
OracleAS Guard Is Unable to Shutdown the Database Because More Than One Instance of Oracle RAC is Running
6
Oracle Access Manager
6.1
About Installation Packages, Patch Sets, Bundle Patches, and Newly Certified Agents
6.1.1
Full Installer Packages
6.1.2
Patch Sets, Bundle Patches, and Patch Set Exceptions
6.1.2.1
Updating Oracle Access Manager 10g (10.1.4) with the Latest Patch Sets
6.1.2.2
Retrieving the Latest Bundle Patch
6.2
General Issues
6.2.1
New Location for the Platform Support Matrix
6.2.2
Known Issue With JDK 1.1.7
6.2.3
The Name "Query Builder" Is Not Always Translated
6.2.4
Users Can Access Resources After Password Reset Without Logging In
6.2.5
Time Management and Daylight Savings Time
6.2.6
Caveat to Create a Password Policy with Change on Reset Enabled
6.2.7
Login.html Not Found if Browser Language is Not Supported
6.3
Installation and Upgrade Issues and Workarounds
6.3.1
WebGate Fails to Initialize
6.3.2
Change the Transport Security Mode During Installation
6.3.3
iPlanet Server Fails After Tuning
6.3.4
Oracle Internet Directory Servers Require Tuning After Installation
6.3.5
Oracle HTTP Server Fails to Start After Component Installation
6.3.6
The Installer Hangs on Linux
6.3.7
Support for DirX Has Been Deprecated
6.3.8
"Enter Password" String Does Not Display Correctly During Installation
6.3.9
Uninstalling a Language Pack With a "2" Designation Causes an Error
6.3.10
Simple Mode Password File Not Converted During Upgrade
6.3.11
Unnecessary Message Asks for SDK Migration Bundles During Upgrade
6.3.12
Unable to Locate Bundles Needed for COREid 6.x Upgrades
6.3.13
Problem with Automatic Directory Updates During Identity Server or Policy Manager Installation
6.3.14
Challenge Parameter Rows Discarded During the Master Access Manager Upgrade
6.3.15
Applying Release 10.1.4 Patch Set 1 (10.1.4.2.0) to Finish Upgrading With a Switch from Solaris to Linux
6.3.16
No Translation Support for the SNMP Agent Installshield
6.3.17
Installation of Identity Server 10.1.4.0.1 With Sun Java Directory Server 6.0
6.4
Removal and Rollback Issues and Workarounds
6.4.1
Removing Language Packs
6.4.2
Removing the Default Administrator Language
6.4.3
Removing Components and Reinstalling
6.4.4
Rollback Issues After Upgrading to Oracle Access Manager 10g (10.1.4)
6.4.4.1
Halting On-the-fly User Data Migration Phase 1
6.4.4.2
Halting On-the-fly Migration of User Data: Phase 2
6.4.4.3
Restarting On-the-fly User Data Migration
6.5
Access System Issues and Workarounds
6.5.1
Disabling the User Cache for the Access Server
6.5.2
WebGate Diagnostics URL Incorrectly Report the Access Server Is Down
6.5.3
WebGate Is Unable to Connect to Its Associated Access Server
6.5.4
An Authentication Action for Form-Based Authentication Redirects to a Non-Secure Page
6.5.5
Access Server Memory Usage Rises After Configuring a Directory Server Profile
6.5.6
Client Certificate Authentication Not Working on Linux Oracle HTTP Server 2 Web Servers
6.5.7
The Passthrough Challenge Parameter Does Not Work on a Domino Web Server
6.5.8
Steps for Integrating the Access System with OracleAS Single Sign-On 10.1.2.0.2
6.5.9
Return Type Parameters Are Case-Sensitive in This Release
6.5.10
Single Sign-On with Oracle Identity Management Fails
6.5.11
Policy Manager API Support Used Incorrectly in Help and Access System Console
6.5.12
webgate.so Not Found Error After Form-based Login
6.6
Identity System Workarounds and Issues
6.6.1
Identity System Deletes a User Entry When an RDN is Modified
6.6.2
Self-Referential Style Sheets Cause the Identity Server to Halt
6.6.3
Circular References in XSL Causes the Identity Server to Halt
6.6.4
Auditing for the Identity System Ceases to Work
6.6.5
Identity Server Crashes if It Cannot Find a Style Sheet
6.6.6
WebPass Is Unable to Connect to Its Associated Identity Server
6.6.7
Memory Usage Rises for an Identity Server After Configuring a Directory Server Profile
6.6.8
Errors Are Found in the HTTP Logs After Setting Up the Identity System
6.6.9
The Identity Server Spins After Setup or During Workflow Creation or Use
6.6.10
Reports With Non-ASCII Characters Are Not Imported Correctly in Excel
6.6.11
Translation of Tab Names May be Incomplete
6.6.12
Non-ASCII Values for Certain Display Types Are Corrupted in the Identity System Console
6.6.13
Data Is Lost When Saving an Object Profile in Org. Manager
6.6.14
Incorrect Path Provided to the UDDI Files
6.6.15
Incorrect Path Setting for Running Sample WSDL Code
6.6.16
User Creation Might Fail When You Have Multi-byte Characters in the Password
6.6.17
Modifying Challenge and Response Phrases for Lost Password Management from a Panel
6.6.18
Workflow Buttons Might Appear Disabled with Firefox 3.5 on Linux
6.7
Third-Party Integration Issues
6.7.1
Users Receive Errors When Accessing WebLogic Resources
6.7.2
The Deploy Link on the WebLogic Console Does Not Respond to Users Without a Role
6.7.3
No Error Is Displayed When You Create a WebLogic Group that Already Exists
6.7.4
Double-Byte Language Packs Do Not Work with the WebLogic SSPI Connector
6.7.5
Integrating with Oracle Application Server Single Sign-On
6.7.6
File Needed for Registrytester Not Bundled with IBM WebSphere Application Server 6.1
6.8
Directory Issues
6.8.1
Error "There Is No Profile Configured for this Kind of Object"
6.8.2
Issues With the Display of Messages in Some Languages
6.8.3
Support for eDirectory 8.7.3
6.9
Documentation Issues
6.9.1
Reference to Oracle Internet Directory Is Needed in Installation Preparation Checklist
6.9.2
Error in Environment Variable Setting for WebSphere Integration
6.9.3
Help Mentions WebGateStatic.lst But No Such File Exists
6.9.4
The obEnableCredentialCache Credential Mapping Parameter Is Misspelled
6.9.5
Warning Regarding Retrieving Authorization Data From an External Source
6.9.6
Active Directory MaxPageSize Parameter Stated as PageSize Parameter
6.9.7
Missing Parameter in globalparams.xml Documentation
6.9.8
Incorrect obver Attribute Value Stated in Documentation
6.9.9
Changes in System Behavior for obVer Missing in Manuals
6.9.10
Items Needed for WebLogic 9.2 Application Server Certification
6.9.11
Corrected Default Path Names in
Oracle Access Manager Installation Guide
6.9.12
OIS and Access Server Service Start is Automatic by Default
6.9.13
Certificate Utility Flags Incorrect for Oracle Virtual Directory SSL Listener
6.9.14
Tuning Oracle Internet Directory for Oracle Access Manager
6.9.15
Obtaining/Updating Sample Adapter and Mapping Templates for Oracle Virtual Directory
6.9.16
Typographical Error in the Solution for "The Login Form Appears Repeatedly"
6.9.17
Added Required Database User Privileges to Upload Schema in Oracle Access Manager Configuration Manager
6.9.18
Added Audit File Renaming Steps to
Oracle Access Manager Upgrade Guide
6.9.19
Corrected Path Details for Oracle Virtual Directory Schema Files
6.9.20
Corrected LDAPModify Syntax for Oracle Virtual Directory
6.9.21
Added SSL Requirements When Upgrading Schema and Data with Master Access Manager
6.9.22
Corrected Path Names for Schema Index Files in Oracle Access Manager Upgrade Guide
6.9.23
Corrected Environment URL in Oracle Access Manager Configuration Manager Installation and Administration Guide
6.9.24
Missing Challenge Parameter
"realmunique:yes"
6.9.25
Installation Guide Offers Misleading Instructions for COREid Web Component on SELinux
6.9.26
Misleading Title for Enabling Client Cert on IIS in
Oracle Access Manager Installation Guide
6.9.27
oblixCoreidServerDown has the Same Description as oblixCoreidServerFailure
6.9.28
Syntax Correction in Oracle Access Manager Customization Guide
6.9.29
Clarification of
unique_value_attrs
in ldapreferentialintegrityparams.xml
6.9.30
Clarification on Reconfiguring COREid Server and WebPass
6.9.31
Updating Novell eDirectory Schema Details
6.9.32
Clarification in WebLogic Chapter of
Oracle Access Manager Integration Guide
6.9.33
Policy Manager API Support Should Read Access Management Service
6.9.34
Invalid URL Patterns in Policy
6.9.35
Update for Apache v2 for WebGate on UNIX with the mpm_worker_module
7
Oracle Application Server Single Sign-On
7.1
Installation, Installation and Upgrade Issues
7.1.1
Directory Considerations During Installation
7.1.2
Directory Considerations After Installation
7.1.3
Identity Management Grid Control Considerations During Uninstallation
7.2
General Issues
7.2.1
Oracle Directory Manager Is no Longer Supported
7.2.2
Deleting and Recreating a User Causes an Error When Accessing an External Application
7.2.3
You Must Change the Value for the ORCLDASURLBASE Attribute in Oracle Internet Directory After Enabling SSL
7.2.4
Clarification Needed for Implementing the IPASAuthInterface.java Package
7.2.5
Multiple Single Sign-On Servers Cannot Share a Global User Inactivity Timeout
7.2.6
A "Host Unavailable" Entry Appears on Non-English Monitoring Pages
7.2.7
Dynamic Global Logout Directives Must Pass the String "Oracle SSO"
7.2.8
Multilevel Authentication Configuration May or May Not Require a Port Number
7.3
Documentation Errata
7.3.1
Incomplete Information in "Developing Applications for Single Sign-On" Chapter of Oracle Identity Management Application Developer's Guide
8
Oracle Identity Federation
8.1
Installation and Upgrade Issues
8.1.1
Oracle Identity Federation Configuration Assistant Fails in SSL Mode
8.2
General Issues and Workarounds
8.2.1
Credential Re-entry When Accessing a SiteMinder Protected Resource
8.2.2
Reauthentication after Session Timeout with OracleAS Single Sign-On and SAML 1.x or WS-Federation
8.2.3
Attribute Sharing with the Microsoft Internet Information Server
8.2.4
Redirection Loops with Oracle Access Manager
8.2.5
Truncated Text in Japanese Version of Oracle Universal Installer
8.2.6
Unused Assertion Profile With Invalid Attribute Mapping Can Cause SSO Failure
8.2.7
Signed SAML 1.0 Assertions Can Cause SSO Failures
8.2.8
Encrypting Network Connections
8.2.9
Spurious Certificate Verification Failure in Debug Log
8.2.10
Forced Reauthentication Not Supported with OracleAS Single Sign-On
8.3
Configuration Issues and Workarounds
8.3.1
Administration Console Is Not Accessible After Changing Transient Data Store
8.3.2
Signing SAML Response with Assertion
8.3.3
Assertions Using SAML 1.x POST Method Fail in Japanese Locale
8.3.4
Using RDBMS as a User Data Store with a Login column ID of type CHAR
8.3.5
Some Peer Providers Are Not Displayed in Administration Console
8.3.6
SAML 2.0 Metadata AttributeRequesterDescriptor Not Supported
8.3.7
Problems Disabling Protocol Profiles in Administration Console
8.3.8
Metadata Service URLs With Query Parameters Not Supported
8.4
Documentation Errata
8.4.1
Incorrect Header in Oracle Identity Federation Online Help
8.4.2
Enhanced Description of Provider Configuration
8.4.3
Update to Section 4.2.6.2 Creating a Custom Authentication Engine
9
Oracle Security Developer Tools
9.1
General Issues and Workarounds
9.1.1
Oracle XML Security Does Not Handle the InclusiveNamespaces Tag
10
Oracle Internet Directory
10.1
General Issues and Workarounds
10.1.1
Perform Full Database Backup After Administrative Changes to Oracle Internet Directory
10.1.2
Comment Out ACL Attributes Not Defined in the Schema
10.1.3
Specify DN of the DIT When Dumping Directory Entries for an Advanced Replication Agreement
10.1.4
Data Manipulation at Database Level is Not Supported
10.2
Configuration Issues and Workarounds
10.2.1
Set Language Before Using bulkload
10.3
Documentation Errata
10.3.1
Bad Links in Online Help Pages
10.3.2
Missing Line Break in sqlplus Command
10.3.3
Errors in oracle.ldap.util.Subscriber.createUser() Documentation
10.3.4
Missing Example: How to Decode a Mime-Encoded Header Set by mod_sso
10.3.5
Error in Identity Management Grid Control Plug-in Context-Sensitive Help
10.3.6
Missing Note: The labeledURI Attribute host:port is for Syntax Purposes Only
10.3.7
Missing Example: Listing All the Attributes in the Directory by Using ldapsearch
10.3.8
Incorrect Environment Variables in Plug-in Debugging Examples
10.3.9
Figure Errors in Replication Concepts Chapter
10.3.10
Bad ldifwrite Parameter in Backup Chapter
10.3.11
Error in Sample Code for Java Plug-ins
10.3.12
Obsolete Step in SSL Configuration Procedure
10.3.13
Errors in Oracle Directory Manager Help and in Appendix A of the Oracle Internet Directory Administrator's Guide
10.3.14
No Maximum Value Documented for pwdGraceLoginLimit
10.3.15
Setting orcldataprivacymode to 1 Prevents OC4J_SECURITY from Starting
10.3.16
External Authentication Scripts Have .pls Extension
10.3.17
Patch Notes 10g (10.1.4.3.0) Contains Incorrect Instruction to Apply a Patch
11
Oracle Virtual Directory
11.1
General Issues and Workarounds
11.1.1
Creating oraInst.loc File During Installation of Oracle Virtual Directory 10
g
(10.1.4.3.0) on AIX
11.2
Documentation Errata
11.2.1
Correction for Access Control Rules Documentation
12
Oracle Application Server Certificate Authority
12.1
Documentation Errata
12.1.1
Java Classes for Custom Policy Plug-in Must Use JDK 1.4.2
12.1.2
Incorrect Class Name in Custom Policy Example
13
Oracle Delegated Administration Services
13.1
General Issues and Workarounds
13.1.1
Installation Process Does Not Enable SSL for Oracle Delegated Administration Services
13.1.2
Using Single Wildcard Characters to Search for Entries Fails to Return Results
13.1.3
Oracle Internet Directory Self-Service Console Link Does Not Work in Oracle Identity Manager Grid Control Plug-in
13.1.4
Attributes Set to "Searchable" Always Appear on the Search Result Page
13.2
Administration Issues and Workarounds
13.2.1
Disabling Password Change and Reset Functionality
13.2.2
Resetting Oracle Application Server Single Sign-On Passwords Redirects Users to Oracle Delegated Administration Services Home Page
13.3
Online Help Issues and Workarounds
13.3.1
No Help Topic When Managing Applications
13.3.2
The
ou
Attribute is Not Allowed In User Entries
13.4
Documentation Issues
13.4.1
Session Context is Not Clearly Documented
13.4.2
Special Characters for User ID Needs Updating
13.4.3
Clarification: Old_password Not Being Passed to Custom Pre_modify Password Policy Plug-in
14
Oracle Directory Integration Platform
14.1
Configuration Issues and Workarounds
14.1.1
Configuration Requirements for Synchronizations with Domain-Level Mappings
14.1.2
Directory Integration Assistant Throws "LDAP: error code 2 - Decoding Error" When Uploading an Additional Configuration Information File
14.1.3
Reconfiguring the Oracle Password Filter for Microsoft Active Directory Generates Errors
14.1.4
In a High Availability Environment Using Multimaster Replication, Provisioning Events May not Be Propagated or May Be Duplicated
14.1.5
Manual Step Required After Configuring Oracle Directory Integration Platform from Oracle Enterprise Manager
14.1.6
Securing the Windows Registry Before Installing the Oracle Password Filter for Microsoft Active Directory
14.1.7
DIP_GEN_CREATECHG_EXCEPTION Raised When Source Directory Contains More than 10 Attributes to be Synchronized
14.1.8
Deletions Not Synchronized if a Domain Editing Rule Exists
14.1.9
Synchronizing modrdn from Sun Java System Directory Throws a Stack Trace
14.1.10
The SearchDeltaSize Parameter is Ignored During Synchronization
14.1.11
Add Operations Not Synchronized and Synchronization Fails with an "objcls is NULL" Message in the Trace File
14.2
Administration Issues and Workarounds
14.2.1
Default Mapping Rule Can Be Simplified in Single-Domain Microsoft Active Directory Deployments
14.2.2
Oracle Directory Integration Platform Not Sending Provisioning Events Due to Purged Change Log Entries
14.2.3
Oracle Internet Directory Field Unavailable in Oracle Identity Manager Grid Control Plug-in
14.2.4
Synchronizion from Novell eDirectory or OpenLDAP Fails When the Oracle Internet Directory Container is Within the Default Realm
15
Oracle Adaptive Access Manager
15.1
Full Installation Packages
15.2
Bundle Patch Contents
15.3
General Upgrade Instructions
15.4
Component and Database Upgrade Procedures
15.4.1
Upgrading Command Line Interface
15.4.2
Upgrading the Database
15.4.3
Upgrading the Location Loader
15.4.4
Applying the Patch for Native Integration
15.4.5
Upgrading the Oracle Adaptive Access Manager-Oracle Access Manager Integration
15.4.6
Upgrading the Oracle Adaptive Access Manager BIP Reports
15.4.7
Upgrading Adaptive Risk Manager Offline
15.4.7.1
Pre-requisites
15.4.7.2
Steps
15.4.8
Upgrading Adaptive Risk Manager Online
15.4.8.1
Pre-requisites
15.4.8.2
Steps
15.4.9
Upgrading Rule Conditions
15.4.9.1
Pre-requisites
15.4.9.2
Steps
15.4.10
Upgrading Adaptive Strong Authenticator
15.4.11
Upgrading the Oracle Adaptive Access Manager Proxy for Apache
15.4.11.1
Oracle Adaptive Access Manager Proxy for Apache Patch Installation Instructions
15.4.11.2
Oracle Adaptive Access Manager Proxy for Apache Patch Backout Instructions
15.4.12
Upgrading the Oracle Adaptive Access Manager Proxy for Microsoft ISA
15.4.13
Upgrading .NET API
15.4.13.1
Overview
15.4.13.2
Applying the Fix
15.4.13.3
Fix Details
15.4.14
Upgrading the Keystore Util Package
15.5
Creating a Database for an Oracle Database with the Partition Option
15.5.1
Creating a Oracle Adaptive Access Manager Database Schema for an Oracle Database with the Partition Option
15.5.2
Partition Reference
15.5.2.1
Tables
15.5.2.2
Partition Maintenance Scripts
15.6
Upgrading the Database from 10.1.4.5.0 to 10.1.4.5.bp1
15.6.1
Database Patch Requirement
15.6.2
Database Patch Details
15.6.3
Database Patch Installation Instructions
15.6.4
Database Patch Execution Time
15.6.5
Database Patch Special Instruction
15.6.6
Best Practices
15.7
10.1.4.5.bp1 Database Patch Details
15.7.1
Create additional indexes for performance
15.7.2
Remove foreign keys from Transactional tables
15.7.3
Change VCRYPT_TRACKER_USERNODE_LOGS
15.8
Upgrading the Database from 10.1.4.5.bp1 to 10.1.4.5.bp2
15.8.1
Database Patch Requirement
15.8.2
Database Pre-requisite
15.8.3
Database Patch Details
15.8.4
Database Patch Installation Instructions
15.8.5
Validation
15.8.6
Server Restart
15.9
10.1.4.5.bp2 Database Patch Details
15.9.1
Objects Altered or Added
15.9.1.1
Columns
15.9.1.2
Constraints
15.9.1.3
Indexes
15.9.1.4
Sequences
15.9.1.5
Tables
15.9.2
Seed Data
15.10
Setting Up Database Archive and Purge Routines (10.1.4.5.bp3)
15.10.1
Purge Process
15.10.2
Archive Process
15.10.3
Archive and Purge Data Classification
15.10.3.1
Device Fingerprinting
15.10.3.2
Transaction In-Session Based Data
15.10.3.3
Auto-learning Profile Data
15.10.3.4
Rule Log Data
15.10.4
Archive and Purge Process
15.10.4.1
Archive and Purge Process - Special Recommendations for Schemas with Partitioned Objects
15.10.4.2
Archive and Purge Process - Setting Up for Users with an Existing Process In Place
15.10.4.3
Archive and Purge Process - Setting Up for the Oracle Database
15.10.4.4
Archive and Purge Process - Setting Up for the SQL Server Database
15.10.5
Performing Archive and Purge
15.10.5.1
Oracle Databases
15.10.5.2
SQL Server Database
15.10.6
Validating Archive and Purge
15.10.7
Restoring Archived Data
15.11
10.1.4.5.bp3 Archive and Purge Details
15.11.1
List of Tables and the Corresponding Archived Tables
15.11.1.1
Device Fingerprint Tables and Corresponding Archived Tables
15.11.1.2
Auto-learning Transactional Tables and Corresponding Archive Tables
15.11.1.3
Transaction Tables and Corresponding Archived Tables
15.11.1.4
Rule Logs Tables and Corresponding Archived Tables
15.11.2
Scripts to Set Up Archive and Purge
15.11.2.1
Scripts for the Oracle Database
15.11.2.2
Scripts for the SQL Server Database
15.11.3
Scripts to Execute Archive and Purge
15.11.3.1
exec_sp_purge_tracker_data.sql
15.11.3.2
exec_sp_purge_txn_log.sql
15.11.3.3
exec_sp_purge_workflow_data.sql
15.11.3.4
exec_sp_purge_profile_data.sql
15.11.3.5
exec_sp_purge_rule_log.sql
15.11.4
Drop Scripts for Partitioned Tables
15.11.4.1
Drop_Monthly_Partition_tables.sql
15.11.4.2
Drop_Weekly_Partition_tables.sql
15.12
Upgrading the Database from 10.1.4.5.bp2 to 10.1.4.5.bp5
15.12.1
Database Pre-requisite
15.12.2
Database Patch Details
15.12.2.1
Oracle
15.12.2.2
Microsoft SQL Server
15.12.3
Database Patch Installation Instructions
15.12.4
Validation
15.12.5
Server Restart
15.13
10.1.4.5.bp5 Database Patch Details
15.13.1
Oracle
15.13.2
MS SQL Server
15.14
Upgrading the Database from 10.1.4.5.bp5 to 10.1.4.5.bp6
15.14.1
Database Pre-requisite
15.14.2
Database Patch Details
15.14.3
Objects Impacted
15.14.4
Database Patch Installation Instructions
15.14.5
Validation
15.14.6
Server Restart
15.15
Documentation Corrections
15.15.1
Configuration to Log Rule Executions Based on Total Rule Processing Time Taken
15.15.2
Pattern Member Condition Does Not Take into Account the Bucket
15.15.3
Randomize KBA Questions
15.15.4
No Rule Logs Shown in Offline Application
15.15.5
Slider in OAAM 10.1.4.5 bpX
15.15.6
Session: Time Unit Condition
15.15.7
Using Time Extraction Scheme for Time Portion
15.15.7.1
Use Cases that require using "Time Extraction"
15.15.7.2
During Transaction Definition Phase
15.15.7.3
Using the time field in transaction rules
15.15.7.4
Limitations of time extraction and usage in transaction rules
16
Oracle Role Manager
16.1
Latest Release Information
16.2
What's New in Oracle Role Manager
16.2.1
New Component Support
16.2.1.1
Operating System Requirements
16.2.1.2
Application Servers
16.2.1.3
Oracle Role Manager Integration Library Certification
16.2.2
New Features and Enhancements
16.2.2.1
Usability
16.2.2.2
Installation
16.2.2.3
Integration Library
16.2.2.4
Upgrade
16.2.3
Application Data Model Changes
16.2.4
Java API Changes
16.2.4.1
Classes
16.2.4.2
Methods
16.3
Certified Components
16.3.1
Operating Systems
16.3.2
Application Servers
16.3.3
Databases
16.3.4
Certified JDKs
16.3.5
Supported Configurations
16.3.6
Certified Single Sign-On Components
16.3.7
Languages
16.3.8
Web Browsers
16.4
Fixes in This Release
16.5
Known Problems
16.5.1
Auditing
16.5.1.1
Some audit messages unclear or inaccurate
16.5.1.2
System displays misleading information for create transactions
16.5.1.3
Duplicate audit messages are displayed in the transaction details
16.5.2
General Usability
16.5.2.1
User has no indication why the Delete option is disabled for organizations with child entities
16.5.2.2
Wrapping of data fails
16.5.2.3
Context menu continues to display when a user selects another transaction
16.5.2.4
Unnecessary scroll bar on tabbed pages
16.5.2.5
Hierarchy bread crumbs update only on submit and reload of the page
16.5.2.6
Tree view requires refresh to reflect recent updates
16.5.2.7
Timestamp value does not always match user's locale in role mapping details
16.5.2.8
Submit button appears functional to users without appropriate sphere of control to edit role
16.5.2.9
Cannot change sphere of control while creating a new role if user switches tab focus
16.5.3
Installation
16.5.3.1
Configuration Assistant fails on retry after database connection
16.5.3.2
Installer intermittently skips screens when the user goes back to previous screen
16.5.3.3
System displays the file copy progress as 92% on completion instead of 100% while running the silent installer
16.5.3.4
In clustered environments, managed server fails to start after configuring WebLogic using the provided template
16.5.3.5
Oracle Role Manager install/deploy on Solaris SPARC 64 bit fails due to insufficient permission
16.5.3.6
Oracle Role Manager configuration assistant failed Solaris SPARC 64 bit during installation
16.5.3.7
Oracle Role Manager runInstaller fails to install on SUSE 10
16.5.4
Integration Library
16.5.4.1
Sequence in which records are reconciled from Oracle Identity Manager affects creation of relationships between person records
16.5.4.2
Exception in Oracle Identity Manager application server console while running RoleManagerUserGroupsCleanup scheduled task
16.5.4.3
Static business roles with the same name not created properly in Oracle Identity Manager
16.5.4.4
OIM-setup.sh and ORM-setup.sh scripts does not run on SUSE 10 machine
16.5.5
Search
16.5.5.1
Sorting of items in search results are case sensitive
16.5.5.2
Search results fail to refresh in pop-up windows
16.5.5.3
Searchable attributes/operators should be sorted alphabetically
16.5.5.4
Search operator should be retained when selecting a different search attribute.
16.5.5.5
Misleading message when user attempts empty wildcard search
16.5.6
Server
16.5.6.1
Data load fails when data contains the specified field delimiter
16.5.6.2
System allows the System Administrator system role to be deleted or made inactive
16.5.6.3
J2EE EJB method invocation may time out and roll back if batch role resolution takes longer than specified time
16.5.6.4
Oracle RAC support lacks certification for high availability scenarios
16.5.6.5
Bulk loading of large data set with Sun JDK throws errors
16.5.6.6
Deploy tool fails to deploy when CAR file contains unchanged XML
16.5.6.7
Web sessions on clustered JBoss environments may not failover where messages are waiting to display
16.5.6.8
Problems when the database server and the application server are set to different times
16.5.6.9
JMSContainerInvoker exception displays in console on clustered JBoss environments
16.5.7
System Messages
16.5.7.1
System fails to display a warning dialog when canceling or navigating away from a create process
16.5.7.2
No warning message when delegating a Business Role twice to the same person
16.6
Certification Information
17
Oracle Identity Manager
17.1
What's New in Oracle Identity Manager Release 9.1.0.2?
17.1.1
Support for Segregation of Duties (SoD)
17.1.2
Support for Offline Provisioning
17.1.3
Support for Capture and Use of Entitlement Data
17.1.4
Introduction of the Bulk Load Utility
17.1.5
Support for Future-Dated Reconciliation Events
17.1.6
Support for Connection Pooling
17.1.7
Support for the Arabic Language
17.1.8
Enhanced Support for Integration Between Oracle Role Manager and Oracle Identity Manager
17.1.9
Additional Changes on the Oracle Identity Manager UIs
17.1.10
New Scheduled Tasks
17.1.10.1
Scheduled Tasks for the SoD Feature
17.1.10.2
Scheduled Tasks for Working with Entitlement Data
17.1.10.3
Scheduled Tasks for the Offline Provisioning Feature
17.1.10.4
Other Scheduled Tasks
17.1.11
New Reports
17.1.12
New APIs
17.1.13
New System Properties
17.1.14
New Adapters
17.2
Certified Components
17.2.1
Certified Application Servers
17.2.2
Certified Languages
17.3
Upgrading to Oracle Identity Manager Release 9.1.0.2
17.3.1
Addressing Prerequisites for the Upgrade
17.3.2
Upgrading the Oracle Identity Manager Database
17.3.2.1
Upgrading Oracle Identity Manager Database on Microsoft SQL Server
17.3.2.2
Upgrading Oracle Identity Manager Database on Oracle Database
17.3.2.3
Loading Metadata into the Database
17.3.2.4
Loading E-Mail Templates
17.3.2.5
Using the Oracle Identity Manager Database Validator
17.3.3
Upgrading Oracle Identity Manager
17.3.3.1
Copying Files
17.3.3.2
Modifying the FormMetaData.xml File
17.3.3.3
Upgrading Oracle Identity Manager on Oracle WebLogic Server
17.3.3.4
Upgrading Oracle Identity Manager on JBoss Application Server
17.3.3.5
Upgrading Oracle Identity Manager on IBM WebSphere Application Server
17.3.3.6
Upgrading Oracle Identity Manager on Oracle Application Server
17.3.4
Upgrading the Oracle Identity Manager Design Console
17.3.5
Upgrading the Oracle Identity Manager Remote Manager
17.3.6
Redeploying the Diagnostic Dashboard
17.3.6.1
Redeploying the Diagnostic Dashboard on IBM WebSphere Application Server
17.3.6.2
Redeploying the Diagnostic Dashboard on JBoss Application Server
17.3.6.3
Redeploying the Diagnostic Dashboard on Oracle Application Server
17.3.6.4
Redeploying the Diagnostic Dashboard on Oracle WebLogic Server
17.3.7
Redeploying the SPML Web Service
17.3.8
Enabling the Integration with Oracle Role Manager
17.3.9
Applying the Patch for Arabic Language Support
17.3.10
Reapplying Customizations and Compiling Adapters
17.4
Resolved Issues
17.5
Known Issues and Workarounds
17.5.1
General Known Issues
17.5.1.1
Exception May Be Thrown While Using SSO to Log In to Administrative and User Console When Oracle Identity Manager Is Installed in a UNIX/Linux Environment
17.5.1.2
Stack Overflow Exception Thrown When Importing an XML File
17.5.1.3
ConcurrentModificationException in JBoss Cluster Configuration When Replicating Session Data
17.5.1.4
Pending Approvals Cannot Be Filtered by Requester Name
17.5.1.5
All Records Returned When Filtering Records by the Date Type User Defined Field and Searching Using Character Strings
17.5.1.6
Date Value Entered in Incorrect Format in the Administrative and User Console Date Fields Causes an Error Message to Be Displayed
17.5.1.7
Errors When Modifying Settings and Assignments for Internal System-Seeded Users
17.5.1.8
Error Message Displayed After Single Sign-On Timeout Interval in Deployment Manager or WorkFlow Visualizer Windows
17.5.1.9
Null Pointer Exception Thrown When Running the purgecache.bat Utility
17.5.1.10
Challenge Questions Page Displayed in Error in Single Sign-On Mode When "Force to set questions at startup" System Property Set to TRUE
17.5.1.11
System Error May Occur When Accessing Administrative and User Console After Database Is Restarted
17.5.1.12
Warning Page May Be Displayed in the Administrative and User Console After Receiving "Illegal Script Tag or Characters" Message and Clicking the Back Button
17.5.1.13
Benign Warning Messages May Appear in Oracle Application Server Log File After Installing Release 9.1.0.2 and Starting Oracle Application Server
17.5.1.14
Deployment Manager Requires JRE 1.6.0_07
17.5.1.15
Exception May Be Encountered if IPv6 Is the Internet Protocol in Use
17.5.1.16
Multiple Entries for the Same Request ID Are Displayed on the Pending Approvals Page in Administrative and User Console
17.5.1.17
Boolean Type Check Box of the User Defined Field Is Not Displayed on Request Submitted Form
17.5.1.18
"Illegal Script Tag or Characters" Message Is Displayed in Lookup Forms
17.5.1.19
Error Message Logged When a Scheduled Task Is Viewed or Modified
17.5.1.20
User Profile Information Specified in E-mail Definition Is Not Valid for Approval Tasks
17.5.1.21
Exception Thrown on Logging in to WebSphere 6.1.0.9
17.5.1.22
WSLoginFailedException May Be Thrown in IBM WebSphere Log
17.5.1.23
IllegalArgumentException and CacheException May Be Thrown After Application Server Is Started
17.5.1.24
User Password Reset Is Not Supported by SPML Web Service When Password Policies Are Enabled
17.5.1.25
Search Button Must Be Clicked Twice to Search for a Scheduled Task After Changing the State
17.5.1.26
NullPointerException Written to Log File When Oracle Application Server Is Shut Down
17.5.1.27
Some Postinstallation Tests Offered by the Diagnostic Dashboard Are Displayed in the List of Preinstallation Tests
17.5.1.28
Special Characters Are Not Allowed in Attestation Process Definition
17.5.1.29
Columns Names Are Displayed Instead of Labels If an Attestation Scope Is Defined Using User-Defined Fields
17.5.1.30
Reconciliation Event Does Not Exist/Reconciliation Message Failed Log Messages
17.5.1.31
Multiple Trusted Source Flag and Reconciliation Sequence Flag Not Displayed in the Administrative and User Console
17.5.1.32
Resource Name Field of the Create Attestation Process Is Case-Sensitive
17.5.1.33
Retry Interval and Retry Attempt Limit Values Not Displayed on Task Details Page
17.5.1.34
Changes to JDBC Connection Pool Attributes May Result in Database User Account Getting Locked
17.5.1.35
Previously Viewed Workflow Displayed on Creating a New Workflow Event
17.5.1.36
User ID Containing Special Characters Is Not Displayed in User ID Lookup Fields
17.5.1.37
Database Error May Be Thrown When Disabling an Organization
17.5.1.38
Session Timeout System Error Thrown During Workflow Creation Can Be Ignored
17.5.1.39
Known Issues Related to Generic Technology Connectors
17.5.1.40
Exception May Be Thrown When a Scheduled Task Runs for Many Hours
17.5.1.41
Filter by Permission Name Field Might Not Accept Non-ASCII Characters
17.5.1.42
JspException Might Be Encountered
17.5.1.43
Java.Lang.Securityexception Exception Might Be Encountered
17.5.1.44
HeadlessGraphicsEnvironment Exception Might Be Encountered on JBoss Application Server
17.5.1.45
Java.Lang.IllegalArgumentException Might Be Encountered
17.5.1.46
Login Attempt on an Idle Login Window May Display the Logout Page
17.5.1.47
Connection with Oracle Database 11g Might Fail During Certain Oracle Identity Manager Operations
17.5.1.48
tcDefaultSignatureImpl Exception Might Be Encountered When a Scheduled Task Is Run
17.5.1.49
System Error Encountered on Trying to View an Object Form on Oracle Identity Manager Using Microsoft SQL Server
17.5.1.50
Values of Some Fields of an Access Policy process form Are Not Displayed While Editing
17.5.1.51
System Error Encountered on Viewing a Resource Form on an Oracle Identity Manager Installation Using Microsoft SQL Server
17.5.1.52
List of Open Tasks Not Displayed on an Oracle Identity Manager Installation Using Microsoft SQL Server
17.5.1.53
JMS Verification in the Diagnostic Dashboard May Fail in IBM-AIX and Oracle Weblogic Server Combination
17.5.1.54
Not Enough Perm Memory While Using Oracle Identity Manager on Oracle Weblogic Server in HP-JDK
17.5.1.55
Change Password Might Not Work on an Oracle Identity Manager Installation Running on Oracle WebLogic Server and AIX
17.5.1.56
Assigned Password Policy Is Removed when the Database User Management Connector for Release 9.0.4.1 Is Imported
17.5.1.57
User Locked Out of Administrative and User Console on Oracle Identity Manager Running on Oracle WebLogic Server
17.5.1.58
Some Lookup Queries Might Show Only Code Key Values on the Administrative and User Console
17.5.1.59
Test Connectivity Option Does Not Work for the SoD Engine IT Resource
17.5.1.60
Users Data Object of Microsoft Active Directory Connector Overwrites the Users Data Object of Oracle Role Manager Integration Library
17.5.1.61
Bulk Load Utility Can Load User Data Containing First Name Values That Are Up To 255 Characters in Length
17.5.2
Design Console Known Issues
17.5.2.1
Invoking FVC Utility on IBM WebSphere May Display "Realm/Cell is Null" Error
17.5.2.2
Form Designer Feature Does Not Support Special Characters for Column Name
17.5.2.3
Default Tasks Not Added to Resource Object After Changing Its Process Definition Type
17.5.2.4
Cannot Delete User Defined Fields When the Required and Visible Properties are Set to True
17.5.2.5
Cannot Save Multiple Rules Simultaneously
17.5.2.6
Toolbars in Creating New Task Window May Be Disabled When Multiple Creating New Task Windows Are Open
17.5.2.7
Error Thrown When the Caret (^) Character Is Encountered in a Challenge Question
17.5.2.8
Error Messages Displayed on the Password Policies Form Are Concatenated
17.5.2.9
User Group Name Attribute for Reconciliation Mapping
17.5.2.10
Single Quotation Mark Cannot Be Included in IT Resource Instance Name
17.5.2.11
Passwords As Child Table Fields Are Not Supported
17.5.3
Reports Known Issues
17.5.3.1
Group Membership History Report Does Not Differentiate Between Active and Deleted Groups
17.5.3.2
User Disabled and User Unlocked Reports Display Current Values
17.5.3.3
Resource Name Lookup Window on the Input Parameters Page for Some Reports May Incorrectly Display Organization Resources
17.5.3.4
Reports May Not Differentiate Between Information for Deleted Users and Information for Users Created with the Same User IDs As the Deleted Users
17.5.3.5
java.lang.ClassNotFoundException or java.lang.NullPointerException May Be Encountered When You Run the GenerateSnapshot.sh or GenerateGPASnapshot.sh Script on Oracle WebLogic Server
17.5.3.6
java.lang.ClassNotFoundException Might Be Encountered When You Run the GenerateSnapshot.sh or GenerateGPASnapshot.sh Script on JBoss Application Server
17.5.3.7
tcDataAccessException Encountered on Generating the Password Reset Success Failure Report on an Oracle Identity Manager Installation Using Microsoft SQL Server
17.5.3.8
Results Might Note Be Generated If UDF Is Added to the Resource Access List Report
17.5.3.9
classnotfoundexception Exception Encountered While Running the UpgradeAttestation Script on an Oracle Identity Manager Installation Using Microsoft SQL Server
17.5.3.10
Error Encountered When the UpgradeAttestation Script Is Run Twice on the Same Oracle Identity Manager Installation That Is Using Microsoft SQL Server
17.5.3.11
Report Not generated If a UDF Is Added to the ResourceAccessList Report
17.5.3.12
System Error Encountered on Running the Policy List Report with a Wildcard Character on an Oracle Identity Manager Installation Using Microsoft SQL Server
17.5.3.13
CORBA.NO_PERMISSION Exception Might Be Encountered on Running the Generatesnapshot or GenerateGPASnapshot Script
17.5.3.14
ora-01858 Exception Might Be Encountered On Generating an Entitlement Report in a Non-English Locale
17.5.3.15
Error Encountered on Trying to Modify a Resource Through the Resource Management Feature
17.5.3.16
BI Publisher Reports Do Not Work on Microsoft SQL Server
17.5.4
Globalization Known Issues
17.5.4.1
Installer Programs for Non-English Languages May Contain Some English Text
17.5.4.2
Some Administrative and User Console Windows Display Text for Default Locale Setting After Timing Out
17.5.4.3
Notes Field on the Task Details Page Not Localized For Reconciliation Tasks
17.5.4.4
English Characters Required for Some Attributes
17.5.4.5
Some Information in Workflow Visualizer May Be Displayed as Box Characters
17.5.4.6
Report in Non-English Environments Requires English Values for Filter Parameters
17.5.4.7
Deployment Manager Import and Export Features Include an Untranslatable String
17.5.4.8
Names of Log Files for Oracle Identity Manager Utilities Do Not Include Time Stamp for Some Non-English Locales
17.5.4.9
Pre-Populate Adapter Error Messages Do Not Support Localized Display of Date and Time
17.5.4.10
Some Asian Languages Not Displayed Correctly With Sun JDK 1.4
17.5.4.11
Names of IT Resource Parameters Displayed in the Administrative and User Console Are Not Localized
17.5.4.12
Inconsistent Ordering of Names in Columns of Some Reports in Non-English Environments
17.5.4.13
Error Message Displayed While Trying to Delete Menu Items Is Not Localized
17.5.4.14
Localization to the Chinese (Simplified), Chinese (Traditional), and Portuguese (Brazilian) Languages Not Supported
17.5.4.15
Group Name Field Is Displayed in English
17.5.4.16
Resource Bundle Entry for SoD Not Localized
17.5.4.17
UI Text on Generic Technology Connector Pages of Administrative and User Console Is Not Localized for the Arabic Language
17.6
Customizations
17.6.1
Customizations in Release 9.1.0.2
17.6.1.1
JavaServer Pages
17.6.1.2
Java Files
17.6.1.3
Properties File
17.6.2
Customizations in Release 9.1.0.1
17.6.2.1
JavaServer Pages
17.6.2.2
Java Files
17.6.2.3
Properties File
17.7
Related Documents
Index