Skip Headers
Oracle® Application Server Release Notes
10
g
(10.1.4.0.1) for HP-UX Itanium
Part Number B32101-06
Home
Book List
Master Index
Contact Us
Next
View PDF
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in the
Oracle Application Server Release Notes
?
Chapter 5, "Oracle Access Manager"
Chapter 7, "Oracle Identity Federation"
Chapter 9, "Oracle Internet Directory"
Chapter 10, "Oracle Virtual Directory"
Chapter 12, "Oracle Delegated Administration Services"
1
Introduction
1.1
Latest Release Information
1.2
Purpose of this Document
1.3
Operating System Requirements
1.4
Multiple Versions of Identity Management in this Release
1.5
Certification Information
1.6
Licensing Information
2
Installation and Upgrade Issues
2.1
Installation Issues
2.1.1
Workaround if HTTP Server Configuration Assistant Fails
2.1.2
IPv6 Not Supported
2.1.3
Unique Global Database Name Required During Installation
2.1.4
Do Not Use Turkish Locale During Installation
2.1.5
Oracle Application Server Repository Creation Assistant Fails During Loading When the Database Uses Certain Chinese Character Sets
2.1.6
OracleAS Cold Failover Cluster: Additional Configuration Steps for Oracle Delegated Administration Services
2.1.7
Oracle Internet Directory SSL Connection Fail Intermittently
2.1.8
Incorrect Location for Debug Message
2.1.9
Illegible or Garbage Characters Output in a Russian Locale
2.1.10
Application Server Control Console Link Not Operational in non-English Installations
2.1.11
Set the NLS Parameter Before Installing
2.1.12
Excessive Privileges for OracleAS Metadata Repository Installations
2.1.13
Incorrect Guidelines for Online Help
2.1.14
OIDCA Fails Due to Misconfiguration in /etc/hosts
2.1.15
DB Console of Infrastructure IM+MR Cannot be Started
2.1.16
Error Messages in log files
2.2
Upgrade Issues
2.2.1
Clarification of When to Run the Metadata Repository Upgrade Assistant
2.2.2
Upgrade of Identity Management Installation to 10.1.4.0.1
2.2.3
Additional Step Required When Upgrading OracleAS Metadata Repository Release 9.0.4.3 to 10.1.4.0.1
2.2.4
Configuring Port Values for the Load Balancer and Oracle Internet Directory When Upgrading Oracle Application Server Cluster (Identity Management)
2.2.5
Harmless Error Messages During OracleAS Metadata Repository Upgrade
2.2.6
Metadata Repository Container Version
2.2.7
Issues When Using the ldifwrite Command to Back Up the Oracle Internet Directory
2.2.8
Upgrade of OracleAS Cold Failover Clusters Fails While Running Configuration Assistant
2.3
Documentation Errata
2.3.1
Possible Error Message When Decommissioning a 10.1.4.0.1 Oracle Home After Upgrade
2.3.2
Incorrect Line Breaks in MRUA Sample Output
2.3.3
Incorrect Global Database Naming Standard
3
General Management and Security Issues
3.1
General Management Issues
3.1.1
Modifying targets.xml After Enabling SSL for Oracle Identity Management 10
g
(10.1.4.0.1)
3.1.2
Changing the IP Address of a Metadata Repository Created with Oracle Application Server Repository Creation Assistant
3.1.3
Oracle Enterprise Manager Grid Control Does not Display all Integration Profiles
3.1.4
Additional Information for Changing Hostname for Identity Management Installations
3.2
Documentation Errata
3.2.1
References to OracleAS Web Cache and OracleAS Portal in the Application Server Control Console Online Help
4
High Availability
4.1
General Issues and Workarounds
4.1.1
Upgrade to OracleAS Guard Release 10.1.2.2.1
4.1.2
Problem Performing a Clone Instance or Clone Topology Operation
4.1.3
OracleAS Guard Release 10.1.2.1.1 Cannot Be Used with Oracle RAC Databases
4.1.4
OracleAS Guard Returned an Inappropriate Message When It Could Not Find the User Specified Database Identifier
4.2
Configuration Issues and Workarounds
4.2.1
The asgctl shutdown topology Command Does Not Shut Down an MRCA Database That is Detected To Be of a repCa Type Database
4.2.2
Database SIDs Must be the Same for Database Peers at Primary and Standby Sites
4.2.3
Use All Uppercase Characters for Database Initialization Parameters to Avoid Instantiate and Sync Problems
4.2.4
Use the Same Port for ASG on the Production and Standby Sites to Avoid clone instance Operation Problems
4.2.5
Use Fully Qualified Path Names with the add instance Command
4.2.6
ASG Cloning is Not Supported when the Number of Oracle Homes is Different at the Primary and Standby Hosts
4.2.7
Entries in TNSNAMES.ORA File that Lack Domain Names Cause Disaster Recovery Problems
4.3
Documentation Errata and Omissions
4.3.1
Availability of a Previously Undocumented asgctl Command: create standby database
4.3.2
Connecting to an OracleAS Guard Server May Return an Authentication Error
4.3.3
All emagents Must Be Shut Down Before Performing OracleAS Guard Operations
4.3.4
Procedure to Patch a 10.1.2.0.0 Disaster Recovery Setup with a 10.1.2.1.0 Patchset
4.3.5
Running Instantiate Topology Across Nodes After Executing a Failover Operation Results in an ORA-01665 Error
4.3.6
OracleAS Guard Is Unable to Shutdown the Database Because More Than One Instance of Oracle RAC is Running
5
Oracle Access Manager
5.1
About Installation Packages, Patch Sets, Bundle Patches, and Newly Certified Agents
5.1.1
Full Installer Packages
5.1.2
Patch Sets, Bundle Patches, and Patch Set Exceptions
5.1.2.1
Updating Oracle Access Manager 10
g
(10.1.4) with the Latest Patch Sets
5.1.2.2
Retrieving the Latest Bundle Patch
5.2
General Issues
5.2.1
New Location for the Platform Support Matrix
5.2.2
Known Issue With JDK 1.1.7
5.2.3
The Name "Query Builder" Is Not Always Translated
5.2.4
Users Can Access Resources After Password Reset Without Logging In
5.2.5
Time Management and Daylight Savings Time
5.2.6
Caveat to Create a Password Policy with Change on Reset Enabled
5.2.7
Login.html Not Found if Browser Language is Not Supported
5.3
Installation and Upgrade Issues and Workarounds
5.3.1
Change the Transport Security Mode During Installation
5.3.2
iPlanet Server Fails After Tuning
5.3.3
Oracle Internet Directory Servers Require Tuning After Installation
5.3.4
Support for DirX Has Been Deprecated
5.3.5
"Enter Password" String Does Not Display Correctly During Installation
5.3.6
Uninstalling a Language Pack With a "2" Designation Causes an Error
5.3.7
Simple Mode Password File Not Converted During Upgrade
5.3.8
Unnecessary Message Asks for SDK Migration Bundles During Upgrade
5.3.9
Unable to Locate Bundles Needed for COREid 6.x Upgrades
5.3.10
Problem with Automatic Directory Updates During Identity Server or Policy Manager Installation
5.3.11
Challenge Parameter Rows Discarded During the Master Access Manager Upgrade
5.3.12
No Translation Support for the SNMP Agent Installshield
5.3.13
Installation of Identity Server 10.1.4.0.1 With Sun Java Directory Server 6.0
5.4
Removal and Rollback Issues and Workarounds
5.4.1
Removing Language Packs
5.4.2
Removing the Default Administrator Language
5.4.3
Rollback Issues After Upgrading to Oracle Access Manager 10
g
(10.1.4)
5.4.3.1
Halting On-the-fly User Data Migration Phase 1
5.4.3.2
Halting On-the-fly Migration of User Data: Phase 2
5.4.3.3
Restarting On-the-fly User Data Migration
5.5
Access System Issues and Workarounds
5.5.1
Disabling the User Cache for the Access Server
5.5.2
WebGate Diagnostics URL Incorrectly Report the Access Server Is Down
5.5.3
WebGate Is Unable to Connect to Its Associated Access Server
5.5.4
An Authentication Action for Form-Based Authentication Redirects to a Non-Secure Page
5.5.5
Access Server Memory Usage Rises After Configuring a Directory Server Profile
5.5.6
The Passthrough Challenge Parameter Does Not Work on a Domino Web Server
5.5.7
Steps for Integrating the Access System with OracleAS Single Sign-On 10.1.2.0.2
5.5.8
Return Type Parameters Are Case-Sensitive in This Release
5.5.9
Single Sign-On with Oracle Identity Management Fails
5.5.10
Policy Manager API Support Used Incorrectly in Help and Access System Console
5.5.11
webgate.so Not Found Error After Form-based Login
5.6
Identity System Workarounds and Issues
5.6.1
Identity System Deletes a User Entry When an RDN is Modified
5.6.2
Auditing for the Identity System Ceases to Work
5.6.3
Identity Server Crashes if It Cannot Find a Style Sheet
5.6.4
WebPass Is Unable to Connect to Its Associated Identity Server
5.6.5
Memory Usage Rises for an Identity Server After Configuring a Directory Server Profile
5.6.6
Errors Are Found in the HTTP Logs After Setting Up the Identity System
5.6.7
Reports With Non-ASCII Characters Are Not Imported Correctly in Excel
5.6.8
Translation of Tab Names May be Incomplete
5.6.9
Non-ASCII Values for Certain Display Types Are Corrupted in the Identity System Console
5.6.10
Data Is Lost When Saving an Object Profile in Org. Manager
5.6.11
Incorrect Path Provided to the UDDI Files
5.6.12
Incorrect Path Setting for Running Sample WSDL Code
5.6.13
User Creation Might Fail When You Have Multi-byte Characters in the Password
5.6.14
Modifying Challenge and Response Phrases for Lost Password Management from a Panel
5.6.15
Workflow Buttons Might Appear Disabled with Firefox 3.5 on Linux
5.7
Third-Party Integration Issues
5.7.1
Users Receive Errors When Accessing WebLogic Resources
5.7.2
The Deploy Link on the WebLogic Console Does Not Respond to Users Without a Role
5.7.3
No Error Is Displayed When You Create a WebLogic Group that Already Exists
5.7.4
Double-Byte Language Packs Do Not Work with the WebLogic SSPI Connector
5.7.5
Integrating with Oracle Application Server Single Sign-On
5.7.6
File Needed for Registrytester Not Bundled with IBM WebSphere Application Server 6.1
5.8
Directory Issues
5.8.1
Error "There Is No Profile Configured for this Kind of Object"
5.8.2
Issues With the Display of Messages in Some Languages
5.8.3
Support for eDirectory 8.7.3
5.9
Documentation Issues
5.9.1
Reference to Oracle Internet Directory Is Needed in Installation Preparation Checklist
5.9.2
Help Mentions WebGateStatic.lst But No Such File Exists
5.9.3
The obEnableCredentialCache Credential Mapping Parameter Is Misspelled
5.9.4
Warning Regarding Retrieving Authorization Data From an External Source
5.9.5
Active Directory MaxPageSize Parameter Stated as PageSize Parameter
5.9.6
Missing Parameter in globalparams.xml Documentation
5.9.7
Incorrect obver Attribute Value Stated in Documentation
5.9.8
Changes in System Behavior for obVer Missing in Manuals
5.9.9
Items Needed for WebLogic 9.2 Application Server Certification
5.9.10
Corrected Default Path Names in
Oracle Access Manager Installation Guide
5.9.11
OIS and Access Server Service Start is Automatic by Default
5.9.12
Certificate Utility Flags Incorrect for Oracle Virtual Directory SSL Listener
5.9.13
Tuning Oracle Internet Directory for Oracle Access Manager
5.9.14
Obtaining/Updating Sample Adapter and Mapping Templates for Oracle Virtual Directory
5.9.15
Typographical Error in the Solution for "The Login Form Appears Repeatedly"
5.9.16
Added Required Database User Privileges to Upload Schema in Oracle Access Manager Configuration Manager
5.9.17
Added Audit File Renaming Steps to
Oracle Access Manager Upgrade Guide
5.9.18
Corrected Path Details for Oracle Virtual Directory Schema Files
5.9.19
Corrected LDAPModify Syntax for Oracle Virtual Directory
5.9.20
Added SSL Requirements When Upgrading Schema and Data with Master Access Manager
5.9.21
Corrected Path Names for Schema Index Files in Oracle Access Manager Upgrade Guide
5.9.22
Corrected Environment URL in Oracle Access Manager Configuration Manager Installation and Administration Guide
5.9.23
Missing Challenge Parameter
"realmunique:yes"
5.9.24
Misleading Title for Enabling Client Cert on IIS in
Oracle Access Manager Installation Guide
5.9.25
oblixCoreidServerDown has the Same Description as oblixCoreidServerFailure
5.9.26
Syntax Correction in Oracle Access Manager Customization Guide
5.9.27
Clarification of
unique_value_attrs
in ldapreferentialintegrityparams.xml
5.9.28
Clarification on Reconfiguring COREid Server and WebPass
5.9.29
Updating Novell eDirectory Schema Details
5.9.30
Clarification in WebLogic Chapter of
Oracle Access Manager Integration Guide
5.9.31
Policy Manager API Support Should Read Access Management Service
5.9.32
Invalid URL Patterns in Policy
5.9.33
Update for Apache v2 for WebGate on UNIX with the mpm_worker_module
6
Oracle Application Server Single Sign-On
6.1
Installation, Installation and Upgrade Issues
6.1.1
Directory Considerations During Installation
6.1.2
Directory Considerations After Installation
6.1.3
Identity Management Grid Control Considerations During Uninstallation
6.2
General Issues
6.2.1
Oracle Directory Manager Is no Longer Supported
6.2.2
Deleting and Recreating a User Causes an Error When Accessing an External Application
6.2.3
You Must Change the Value for the ORCLDASURLBASE Attribute in Oracle Internet Directory After Enabling SSL
6.2.4
Clarification Needed for Implementing the IPASAuthInterface.java Package
6.2.5
Multiple Single Sign-On Servers Cannot Share a Global User Inactivity Timeout
6.2.6
A "Host Unavailable" Entry Appears on Non-English Monitoring Pages
6.2.7
Dynamic Global Logout Directives Must Pass the String "Oracle SSO"
6.2.8
Multilevel Authentication Configuration May or May Not Require a Port Number
6.3
Documentation Errata
6.3.1
Incomplete Information in "Developing Applications for Single Sign-On" Chapter of Oracle Identity Management Application Developer's Guide
7
Oracle Identity Federation
7.1
Installation and Upgrade Issues
7.1.1
Oracle Identity Federation Configuration Assistant Fails in SSL Mode
7.2
General Issues and Workarounds
7.2.1
Credential Re-entry When Accessing a SiteMinder Protected Resource
7.2.2
Reauthentication after Session Timeout with OracleAS Single Sign-On and SAML 1.x or WS-Federation
7.2.3
Attribute Sharing with the Microsoft Internet Information Server
7.2.4
Redirection Loops with Oracle Access Manager
7.2.5
Truncated Text in Japanese Version of Oracle Universal Installer
7.2.6
Unused Assertion Profile With Invalid Attribute Mapping Can Cause SSO Failure
7.2.7
Signed SAML 1.0 Assertions Can Cause SSO Failures
7.2.8
Encrypting Network Connections
7.2.9
Spurious Certificate Verification Failure in Debug Log
7.2.10
Forced Reauthentication Not Supported with OracleAS Single Sign-On
7.3
Configuration Issues and Workarounds
7.3.1
Administration Console Is Not Accessible After Changing Transient Data Store
7.3.2
Signing SAML Response with Assertion
7.3.3
Assertions Using SAML 1.x POST Method Fail in Japanese Locale
7.3.4
Using RDBMS as a User Data Store with a Login column ID of type CHAR
7.3.5
Some Peer Providers Are Not Displayed in Administration Console
7.3.6
SAML 2.0 Metadata AttributeRequesterDescriptor Not Supported
7.3.7
Problems Disabling Protocol Profiles in Administration Console
7.3.8
Metadata Service URLs With Query Parameters Not Supported
7.4
Documentation Errata
7.4.1
Incorrect Header in Oracle Identity Federation Online Help
7.4.2
Enhanced Description of Provider Configuration
7.4.3
Update to Section 4.2.6.2 Creating a Custom Authentication Engine
8
Oracle Security Developer Tools
8.1
General Issues and Workarounds
8.1.1
Oracle XML Security Does Not Handle the InclusiveNamespaces Tag
9
Oracle Internet Directory
9.1
General Issues and Workarounds
9.1.1
Perform Full Database Backup After Administrative Changes to Oracle Internet Directory
9.1.2
Comment Out ACL Attributes Not Defined in the Schema
9.1.3
Specify DN of the DIT When Dumping Directory Entries for an Advanced Replication Agreement
9.1.4
Data Manipulation at Database Level is Not Supported
9.2
Configuration Issues and Workarounds
9.2.1
Set Language Before Using bulkload
9.3
Documentation Errata
9.3.1
Bad Links in Online Help Pages
9.3.2
Missing Line Break in sqlplus Command
9.3.3
Errors in oracle.ldap.util.Subscriber.createUser() Documentation
9.3.4
Missing Example: How to Decode a Mime-Encoded Header Set by mod_sso
9.3.5
Error in Identity Management Grid Control Plug-in Context-Sensitive Help
9.3.6
Missing Note: The labeledURI Attribute host:port is for Syntax Purposes Only
9.3.7
Missing Example: Listing All the Attributes in the Directory by Using ldapsearch
9.3.8
Incorrect Environment Variables in Plug-in Debugging Examples
9.3.9
Figure Errors in Replication Concepts Chapter
9.3.10
Bad ldifwrite Parameter in Backup Chapter
9.3.11
Error in Sample Code for Java Plug-ins
9.3.12
Obsolete Step in SSL Configuration Procedure
9.3.13
Errors in Oracle Directory Manager Help and in Appendix A of the Oracle Internet Directory Administrator's Guide
9.3.14
No Maximum Value Documented for pwdGraceLoginLimit
9.3.15
Setting orcldataprivacymode to 1 Prevents OC4J_SECURITY from Starting
9.3.16
External Authentication Scripts Have .pls Extension
9.3.17
Patch Notes 10g (10.1.4.3.0) Contains Incorrect Instruction to Apply a Patch
10
Oracle Virtual Directory
10.1
General Issues and Workarounds
10.1.1
Creating oraInst.loc File During Installation of Oracle Virtual Directory 10
g
(10.1.4.3.0) on AIX
10.2
Documentation Errata
10.2.1
Correction for Access Control Rules Documentation
11
Oracle Application Server Certificate Authority
11.1
Documentation Errata
11.1.1
Java Classes for Custom Policy Plug-in Must Use JDK 1.4.2
11.1.2
Incorrect Class Name in Custom Policy Example
12
Oracle Delegated Administration Services
12.1
General Issues and Workarounds
12.1.1
Installation Process Does Not Enable SSL for Oracle Delegated Administration Services
12.1.2
Using Single Wildcard Characters to Search for Entries Fails to Return Results
12.1.3
Oracle Internet Directory Self-Service Console Link Does Not Work in Oracle Identity Manager Grid Control Plug-in
12.1.4
Attributes Set to "Searchable" Always Appear on the Search Result Page
12.2
Administration Issues and Workarounds
12.2.1
Disabling Password Change and Reset Functionality
12.2.2
Resetting Oracle Application Server Single Sign-On Passwords Redirects Users to Oracle Delegated Administration Services Home Page
12.3
Online Help Issues and Workarounds
12.3.1
No Help Topic When Managing Applications
12.3.2
The
ou
Attribute is Not Allowed In User Entries
12.4
Documentation Issues
12.4.1
Session Context is Not Clearly Documented
12.4.2
Special Characters for User ID Needs Updating
12.4.3
Clarification: Old_password Not Being Passed to Custom Pre_modify Password Policy Plug-in
13
Oracle Directory Integration Platform
13.1
Configuration Issues and Workarounds
13.1.1
Configuration Requirements for Synchronizations with Domain-Level Mappings
13.1.2
Directory Integration Assistant Throws "LDAP: error code 2 - Decoding Error" When Uploading an Additional Configuration Information File
13.1.3
Reconfiguring the Oracle Password Filter for Microsoft Active Directory Generates Errors
13.1.4
In a High Availability Environment Using Multimaster Replication, Provisioning Events May not Be Propagated or May Be Duplicated
13.1.5
Manual Step Required After Configuring Oracle Directory Integration Platform from Oracle Enterprise Manager
13.1.6
Securing the Windows Registry Before Installing the Oracle Password Filter for Microsoft Active Directory
13.1.7
DIP_GEN_CREATECHG_EXCEPTION Raised When Source Directory Contains More than 10 Attributes to be Synchronized
13.1.8
Deletions Not Synchronized if a Domain Editing Rule Exists
13.1.9
Synchronizing modrdn from Sun Java System Directory Throws a Stack Trace
13.1.10
The SearchDeltaSize Parameter is Ignored During Synchronization
13.1.11
Add Operations Not Synchronized and Synchronization Fails with an "objcls is NULL" Message in the Trace File
13.2
Administration Issues and Workarounds
13.2.1
Default Mapping Rule Can Be Simplified in Single-Domain Microsoft Active Directory Deployments
13.2.2
Oracle Directory Integration Platform Not Sending Provisioning Events Due to Purged Change Log Entries
13.2.3
Oracle Internet Directory Field Unavailable in Oracle Identity Manager Grid Control Plug-in
13.2.4
Synchronizion from Novell eDirectory or OpenLDAP Fails When the Oracle Internet Directory Container is Within the Default Realm
14
Oracle Adaptive Access Manager
14.1
Full Installation Packages
14.2
Bundle Patch Contents
14.3
General Upgrade Instructions
14.4
Component and Database Upgrade Procedures
14.4.1
Upgrading Command Line Interface
14.4.2
Upgrading the Database
14.4.3
Upgrading the Location Loader
14.4.4
Applying the Patch for Native Integration
14.4.5
Upgrading the Oracle Adaptive Access Manager-Oracle Access Manager Integration
14.4.6
Upgrading the Oracle Adaptive Access Manager BIP Reports
14.4.7
Upgrading Adaptive Risk Manager Offline
14.4.7.1
Pre-requisites
14.4.7.2
Steps
14.4.8
Upgrading Adaptive Risk Manager Online
14.4.8.1
Pre-requisites
14.4.8.2
Steps
14.4.9
Upgrading Rule Conditions
14.4.9.1
Pre-requisites
14.4.9.2
Steps
14.4.10
Upgrading Adaptive Strong Authenticator
14.4.11
Upgrading the Oracle Adaptive Access Manager Proxy for Apache
14.4.11.1
Oracle Adaptive Access Manager Proxy for Apache Patch Installation Instructions
14.4.11.2
Oracle Adaptive Access Manager Proxy for Apache Patch Backout Instructions
14.4.12
Upgrading the Oracle Adaptive Access Manager Proxy for Microsoft ISA
14.4.13
Upgrading .NET API
14.4.13.1
Overview
14.4.13.2
Applying the Fix
14.4.13.3
Fix Details
14.4.14
Upgrading the Keystore Util Package
14.5
Creating a Database for an Oracle Database with the Partition Option
14.5.1
Creating a Oracle Adaptive Access Manager Database Schema for an Oracle Database with the Partition Option
14.5.2
Partition Reference
14.5.2.1
Tables
14.5.2.2
Partition Maintenance Scripts
14.6
Upgrading the Database from 10.1.4.5.0 to 10.1.4.5.bp1
14.6.1
Database Patch Requirement
14.6.2
Database Patch Details
14.6.3
Database Patch Installation Instructions
14.6.4
Database Patch Execution Time
14.6.5
Database Patch Special Instruction
14.6.6
Best Practices
14.7
10.1.4.5.bp1 Database Patch Details
14.7.1
Create additional indexes for performance
14.7.2
Remove foreign keys from Transactional tables
14.7.3
Change VCRYPT_TRACKER_USERNODE_LOGS
14.8
Upgrading the Database from 10.1.4.5.bp1 to 10.1.4.5.bp2
14.8.1
Database Patch Requirement
14.8.2
Database Pre-requisite
14.8.3
Database Patch Details
14.8.4
Database Patch Installation Instructions
14.8.5
Validation
14.8.6
Server Restart
14.9
10.1.4.5.bp2 Database Patch Details
14.9.1
Objects Altered or Added
14.9.1.1
Columns
14.9.1.2
Constraints
14.9.1.3
Indexes
14.9.1.4
Sequences
14.9.1.5
Tables
14.9.2
Seed Data
14.10
Setting Up Database Archive and Purge Routines (10.1.4.5.bp3)
14.10.1
Purge Process
14.10.2
Archive Process
14.10.3
Archive and Purge Data Classification
14.10.3.1
Device Fingerprinting
14.10.3.2
Transaction In-Session Based Data
14.10.3.3
Auto-learning Profile Data
14.10.3.4
Rule Log Data
14.10.4
Archive and Purge Process
14.10.4.1
Archive and Purge Process - Special Recommendations for Schemas with Partitioned Objects
14.10.4.2
Archive and Purge Process - Setting Up for Users with an Existing Process In Place
14.10.4.3
Archive and Purge Process - Setting Up for the Oracle Database
14.10.4.4
Archive and Purge Process - Setting Up for the SQL Server Database
14.10.5
Performing Archive and Purge
14.10.5.1
Oracle Databases
14.10.5.2
SQL Server Database
14.10.6
Validating Archive and Purge
14.10.7
Restoring Archived Data
14.11
10.1.4.5.bp3 Archive and Purge Details
14.11.1
List of Tables and the Corresponding Archived Tables
14.11.1.1
Device Fingerprint Tables and Corresponding Archived Tables
14.11.1.2
Auto-learning Transactional Tables and Corresponding Archive Tables
14.11.1.3
Transaction Tables and Corresponding Archived Tables
14.11.1.4
Rule Logs Tables and Corresponding Archived Tables
14.11.2
Scripts to Set Up Archive and Purge
14.11.2.1
Scripts for the Oracle Database
14.11.2.2
Scripts for the SQL Server Database
14.11.3
Scripts to Execute Archive and Purge
14.11.3.1
exec_sp_purge_tracker_data.sql
14.11.3.2
exec_sp_purge_txn_log.sql
14.11.3.3
exec_sp_purge_workflow_data.sql
14.11.3.4
exec_sp_purge_profile_data.sql
14.11.3.5
exec_sp_purge_rule_log.sql
14.11.4
Drop Scripts for Partitioned Tables
14.11.4.1
Drop_Monthly_Partition_tables.sql
14.11.4.2
Drop_Weekly_Partition_tables.sql
14.12
Upgrading the Database from 10.1.4.5.bp2 to 10.1.4.5.bp5
14.12.1
Database Pre-requisite
14.12.2
Database Patch Details
14.12.2.1
Oracle
14.12.2.2
Microsoft SQL Server
14.12.3
Database Patch Installation Instructions
14.12.4
Validation
14.12.5
Server Restart
14.13
10.1.4.5.bp5 Database Patch Details
14.13.1
Oracle
14.13.2
MS SQL Server
14.14
Upgrading the Database from 10.1.4.5.bp5 to 10.1.4.5.bp6
14.14.1
Database Pre-requisite
14.14.2
Database Patch Details
14.14.3
Objects Impacted
14.14.4
Database Patch Installation Instructions
14.14.5
Validation
14.14.6
Server Restart
14.15
Documentation Corrections
14.15.1
Configuration to Log Rule Executions Based on Total Rule Processing Time Taken
14.15.2
Pattern Member Condition Does Not Take into Account the Bucket
14.15.3
Randomize KBA Questions
14.15.4
No Rule Logs Shown in Offline Application
14.15.5
Slider in OAAM 10.1.4.5 bpX
14.15.6
Session: Time Unit Condition
14.15.7
Using Time Extraction Scheme for Time Portion
14.15.7.1
Use Cases that require using "Time Extraction"
14.15.7.2
During Transaction Definition Phase
14.15.7.3
Using the time field in transaction rules
14.15.7.4
Limitations of time extraction and usage in transaction rules
15
Oracle Role Manager
15.1
Latest Release Information
15.2
What's New in Oracle Role Manager
15.2.1
New Component Support
15.2.1.1
Operating System Requirements
15.2.1.2
Application Servers
15.2.1.3
Oracle Role Manager Integration Library Certification
15.2.2
New Features and Enhancements
15.2.2.1
Usability
15.2.2.2
Installation
15.2.2.3
Integration Library
15.2.2.4
Upgrade
15.2.3
Application Data Model Changes
15.2.4
Java API Changes
15.2.4.1
Classes
15.2.4.2
Methods
15.3
Certified Components
15.3.1
Operating Systems
15.3.2
Application Servers
15.3.3
Databases
15.3.4
Certified JDKs
15.3.5
Supported Configurations
15.3.6
Certified Single Sign-On Components
15.3.7
Languages
15.3.8
Web Browsers
15.4
Fixes in This Release
15.5
Known Problems
15.5.1
Auditing
15.5.1.1
Some audit messages unclear or inaccurate
15.5.1.2
System displays misleading information for create transactions
15.5.1.3
Duplicate audit messages are displayed in the transaction details
15.5.2
General Usability
15.5.2.1
User has no indication why the Delete option is disabled for organizations with child entities
15.5.2.2
Wrapping of data fails
15.5.2.3
Context menu continues to display when a user selects another transaction
15.5.2.4
Unnecessary scroll bar on tabbed pages
15.5.2.5
Hierarchy bread crumbs update only on submit and reload of the page
15.5.2.6
Tree view requires refresh to reflect recent updates
15.5.2.7
Timestamp value does not always match user's locale in role mapping details
15.5.2.8
Submit button appears functional to users without appropriate sphere of control to edit role
15.5.2.9
Cannot change sphere of control while creating a new role if user switches tab focus
15.5.3
Installation
15.5.3.1
Configuration Assistant fails on retry after database connection
15.5.3.2
Installer intermittently skips screens when the user goes back to previous screen
15.5.3.3
System displays the file copy progress as 92% on completion instead of 100% while running the silent installer
15.5.3.4
In clustered environments, managed server fails to start after configuring WebLogic using the provided template
15.5.3.5
Oracle Role Manager runInstaller fails to install on SUSE 10
15.5.4
Integration Library
15.5.4.1
Sequence in which records are reconciled from Oracle Identity Manager affects creation of relationships between person records
15.5.4.2
Exception in Oracle Identity Manager application server console while running RoleManagerUserGroupsCleanup scheduled task
15.5.4.3
Static business roles with the same name not created properly in Oracle Identity Manager
15.5.4.4
OIM-setup.sh and ORM-setup.sh scripts does not run on SUSE 10 machine
15.5.5
Search
15.5.5.1
Sorting of items in search results are case sensitive
15.5.5.2
Search results fail to refresh in pop-up windows
15.5.5.3
Searchable attributes/operators should be sorted alphabetically
15.5.5.4
Search operator should be retained when selecting a different search attribute.
15.5.5.5
Misleading message when user attempts empty wildcard search
15.5.6
Server
15.5.6.1
Data load fails when data contains the specified field delimiter
15.5.6.2
System allows the System Administrator system role to be deleted or made inactive
15.5.6.3
J2EE EJB method invocation may time out and roll back if batch role resolution takes longer than specified time
15.5.6.4
Oracle RAC support lacks certification for high availability scenarios
15.5.6.5
Bulk loading of large data set with Sun JDK throws errors
15.5.6.6
Deploy tool fails to deploy when CAR file contains unchanged XML
15.5.6.7
Web sessions on clustered JBoss environments may not failover where messages are waiting to display
15.5.6.8
Problems when the database server and the application server are set to different times
15.5.6.9
JMSContainerInvoker exception displays in console on clustered JBoss environments
15.5.7
System Messages
15.5.7.1
System fails to display a warning dialog when canceling or navigating away from a create process
15.5.7.2
No warning message when delegating a Business Role twice to the same person
15.6
Certification Information
16
Oracle Identity Manager
16.1
What's New in Oracle Identity Manager Release 9.1.0.2?
16.1.1
Support for Segregation of Duties (SoD)
16.1.2
Support for Offline Provisioning
16.1.3
Support for Capture and Use of Entitlement Data
16.1.4
Introduction of the Bulk Load Utility
16.1.5
Support for Future-Dated Reconciliation Events
16.1.6
Support for Connection Pooling
16.1.7
Support for the Arabic Language
16.1.8
Enhanced Support for Integration Between Oracle Role Manager and Oracle Identity Manager
16.1.9
Additional Changes on the Oracle Identity Manager UIs
16.1.10
New Scheduled Tasks
16.1.10.1
Scheduled Tasks for the SoD Feature
16.1.10.2
Scheduled Tasks for Working with Entitlement Data
16.1.10.3
Scheduled Tasks for the Offline Provisioning Feature
16.1.10.4
Other Scheduled Tasks
16.1.11
New Reports
16.1.12
New APIs
16.1.13
New System Properties
16.1.14
New Adapters
16.2
Certified Components
16.2.1
Certified Application Servers
16.2.2
Certified Languages
16.3
Upgrading to Oracle Identity Manager Release 9.1.0.2
16.3.1
Addressing Prerequisites for the Upgrade
16.3.2
Upgrading the Oracle Identity Manager Database
16.3.2.1
Upgrading Oracle Identity Manager Database on Microsoft SQL Server
16.3.2.2
Upgrading Oracle Identity Manager Database on Oracle Database
16.3.2.3
Loading Metadata into the Database
16.3.2.4
Loading E-Mail Templates
16.3.2.5
Using the Oracle Identity Manager Database Validator
16.3.3
Upgrading Oracle Identity Manager
16.3.3.1
Copying Files
16.3.3.2
Modifying the FormMetaData.xml File
16.3.3.3
Upgrading Oracle Identity Manager on Oracle WebLogic Server
16.3.3.4
Upgrading Oracle Identity Manager on JBoss Application Server
16.3.3.5
Upgrading Oracle Identity Manager on IBM WebSphere Application Server
16.3.3.6
Upgrading Oracle Identity Manager on Oracle Application Server
16.3.4
Upgrading the Oracle Identity Manager Design Console
16.3.5
Upgrading the Oracle Identity Manager Remote Manager
16.3.6
Redeploying the Diagnostic Dashboard
16.3.6.1
Redeploying the Diagnostic Dashboard on IBM WebSphere Application Server
16.3.6.2
Redeploying the Diagnostic Dashboard on JBoss Application Server
16.3.6.3
Redeploying the Diagnostic Dashboard on Oracle Application Server
16.3.6.4
Redeploying the Diagnostic Dashboard on Oracle WebLogic Server
16.3.7
Redeploying the SPML Web Service
16.3.8
Enabling the Integration with Oracle Role Manager
16.3.9
Applying the Patch for Arabic Language Support
16.3.10
Reapplying Customizations and Compiling Adapters
16.4
Resolved Issues
16.5
Known Issues and Workarounds
16.5.1
General Known Issues
16.5.1.1
Exception May Be Thrown While Using SSO to Log In to Administrative and User Console When Oracle Identity Manager Is Installed in a UNIX/Linux Environment
16.5.1.2
Stack Overflow Exception Thrown When Importing an XML File
16.5.1.3
ConcurrentModificationException in JBoss Cluster Configuration When Replicating Session Data
16.5.1.4
Pending Approvals Cannot Be Filtered by Requester Name
16.5.1.5
All Records Returned When Filtering Records by the Date Type User Defined Field and Searching Using Character Strings
16.5.1.6
Date Value Entered in Incorrect Format in the Administrative and User Console Date Fields Causes an Error Message to Be Displayed
16.5.1.7
Errors When Modifying Settings and Assignments for Internal System-Seeded Users
16.5.1.8
Error Message Displayed After Single Sign-On Timeout Interval in Deployment Manager or WorkFlow Visualizer Windows
16.5.1.9
Null Pointer Exception Thrown When Running the purgecache.bat Utility
16.5.1.10
Challenge Questions Page Displayed in Error in Single Sign-On Mode When "Force to set questions at startup" System Property Set to TRUE
16.5.1.11
System Error May Occur When Accessing Administrative and User Console After Database Is Restarted
16.5.1.12
Warning Page May Be Displayed in the Administrative and User Console After Receiving "Illegal Script Tag or Characters" Message and Clicking the Back Button
16.5.1.13
Benign Warning Messages May Appear in Oracle Application Server Log File After Installing Release 9.1.0.2 and Starting Oracle Application Server
16.5.1.14
Deployment Manager Requires JRE 1.6.0_07
16.5.1.15
Exception May Be Encountered if IPv6 Is the Internet Protocol in Use
16.5.1.16
Multiple Entries for the Same Request ID Are Displayed on the Pending Approvals Page in Administrative and User Console
16.5.1.17
Boolean Type Check Box of the User Defined Field Is Not Displayed on Request Submitted Form
16.5.1.18
"Illegal Script Tag or Characters" Message Is Displayed in Lookup Forms
16.5.1.19
Error Message Logged When a Scheduled Task Is Viewed or Modified
16.5.1.20
User Profile Information Specified in E-mail Definition Is Not Valid for Approval Tasks
16.5.1.21
Exception Thrown on Logging in to WebSphere 6.1.0.9
16.5.1.22
WSLoginFailedException May Be Thrown in IBM WebSphere Log
16.5.1.23
IllegalArgumentException and CacheException May Be Thrown After Application Server Is Started
16.5.1.24
User Password Reset Is Not Supported by SPML Web Service When Password Policies Are Enabled
16.5.1.25
Search Button Must Be Clicked Twice to Search for a Scheduled Task After Changing the State
16.5.1.26
NullPointerException Written to Log File When Oracle Application Server Is Shut Down
16.5.1.27
Some Postinstallation Tests Offered by the Diagnostic Dashboard Are Displayed in the List of Preinstallation Tests
16.5.1.28
Special Characters Are Not Allowed in Attestation Process Definition
16.5.1.29
Columns Names Are Displayed Instead of Labels If an Attestation Scope Is Defined Using User-Defined Fields
16.5.1.30
Reconciliation Event Does Not Exist/Reconciliation Message Failed Log Messages
16.5.1.31
Multiple Trusted Source Flag and Reconciliation Sequence Flag Not Displayed in the Administrative and User Console
16.5.1.32
Resource Name Field of the Create Attestation Process Is Case-Sensitive
16.5.1.33
Retry Interval and Retry Attempt Limit Values Not Displayed on Task Details Page
16.5.1.34
Changes to JDBC Connection Pool Attributes May Result in Database User Account Getting Locked
16.5.1.35
Previously Viewed Workflow Displayed on Creating a New Workflow Event
16.5.1.36
User ID Containing Special Characters Is Not Displayed in User ID Lookup Fields
16.5.1.37
Database Error May Be Thrown When Disabling an Organization
16.5.1.38
Session Timeout System Error Thrown During Workflow Creation Can Be Ignored
16.5.1.39
Known Issues Related to Generic Technology Connectors
16.5.1.40
Exception May Be Thrown When a Scheduled Task Runs for Many Hours
16.5.1.41
Filter by Permission Name Field Might Not Accept Non-ASCII Characters
16.5.1.42
JspException Might Be Encountered
16.5.1.43
Java.Lang.Securityexception Exception Might Be Encountered
16.5.1.44
HeadlessGraphicsEnvironment Exception Might Be Encountered on JBoss Application Server
16.5.1.45
Java.Lang.IllegalArgumentException Might Be Encountered
16.5.1.46
Login Attempt on an Idle Login Window May Display the Logout Page
16.5.1.47
Connection with Oracle Database 11g Might Fail During Certain Oracle Identity Manager Operations
16.5.1.48
tcDefaultSignatureImpl Exception Might Be Encountered When a Scheduled Task Is Run
16.5.1.49
System Error Encountered on Trying to View an Object Form on Oracle Identity Manager Using Microsoft SQL Server
16.5.1.50
Values of Some Fields of an Access Policy process form Are Not Displayed While Editing
16.5.1.51
System Error Encountered on Viewing a Resource Form on an Oracle Identity Manager Installation Using Microsoft SQL Server
16.5.1.52
List of Open Tasks Not Displayed on an Oracle Identity Manager Installation Using Microsoft SQL Server
16.5.1.53
JMS Verification in the Diagnostic Dashboard May Fail in IBM-AIX and Oracle Weblogic Server Combination
16.5.1.54
Not Enough Perm Memory While Using Oracle Identity Manager on Oracle Weblogic Server in HP-JDK
16.5.1.55
Change Password Might Not Work on an Oracle Identity Manager Installation Running on Oracle WebLogic Server and AIX
16.5.1.56
Assigned Password Policy Is Removed when the Database User Management Connector for Release 9.0.4.1 Is Imported
16.5.1.57
User Locked Out of Administrative and User Console on Oracle Identity Manager Running on Oracle WebLogic Server
16.5.1.58
Some Lookup Queries Might Show Only Code Key Values on the Administrative and User Console
16.5.1.59
Test Connectivity Option Does Not Work for the SoD Engine IT Resource
16.5.1.60
Users Data Object of Microsoft Active Directory Connector Overwrites the Users Data Object of Oracle Role Manager Integration Library
16.5.1.61
Bulk Load Utility Can Load User Data Containing First Name Values That Are Up To 255 Characters in Length
16.5.2
Design Console Known Issues
16.5.2.1
Invoking FVC Utility on IBM WebSphere May Display "Realm/Cell is Null" Error
16.5.2.2
Form Designer Feature Does Not Support Special Characters for Column Name
16.5.2.3
Default Tasks Not Added to Resource Object After Changing Its Process Definition Type
16.5.2.4
Cannot Delete User Defined Fields When the Required and Visible Properties are Set to True
16.5.2.5
Cannot Save Multiple Rules Simultaneously
16.5.2.6
Toolbars in Creating New Task Window May Be Disabled When Multiple Creating New Task Windows Are Open
16.5.2.7
Error Thrown When the Caret (^) Character Is Encountered in a Challenge Question
16.5.2.8
Error Messages Displayed on the Password Policies Form Are Concatenated
16.5.2.9
User Group Name Attribute for Reconciliation Mapping
16.5.2.10
Single Quotation Mark Cannot Be Included in IT Resource Instance Name
16.5.2.11
Passwords As Child Table Fields Are Not Supported
16.5.3
Reports Known Issues
16.5.3.1
Group Membership History Report Does Not Differentiate Between Active and Deleted Groups
16.5.3.2
User Disabled and User Unlocked Reports Display Current Values
16.5.3.3
Resource Name Lookup Window on the Input Parameters Page for Some Reports May Incorrectly Display Organization Resources
16.5.3.4
Reports May Not Differentiate Between Information for Deleted Users and Information for Users Created with the Same User IDs As the Deleted Users
16.5.3.5
java.lang.ClassNotFoundException or java.lang.NullPointerException May Be Encountered When You Run the GenerateSnapshot.sh or GenerateGPASnapshot.sh Script on Oracle WebLogic Server
16.5.3.6
java.lang.ClassNotFoundException Might Be Encountered When You Run the GenerateSnapshot.sh or GenerateGPASnapshot.sh Script on JBoss Application Server
16.5.3.7
tcDataAccessException Encountered on Generating the Password Reset Success Failure Report on an Oracle Identity Manager Installation Using Microsoft SQL Server
16.5.3.8
Results Might Note Be Generated If UDF Is Added to the Resource Access List Report
16.5.3.9
classnotfoundexception Exception Encountered While Running the UpgradeAttestation Script on an Oracle Identity Manager Installation Using Microsoft SQL Server
16.5.3.10
Error Encountered When the UpgradeAttestation Script Is Run Twice on the Same Oracle Identity Manager Installation That Is Using Microsoft SQL Server
16.5.3.11
Report Not generated If a UDF Is Added to the ResourceAccessList Report
16.5.3.12
System Error Encountered on Running the Policy List Report with a Wildcard Character on an Oracle Identity Manager Installation Using Microsoft SQL Server
16.5.3.13
CORBA.NO_PERMISSION Exception Might Be Encountered on Running the Generatesnapshot or GenerateGPASnapshot Script
16.5.3.14
ora-01858 Exception Might Be Encountered On Generating an Entitlement Report in a Non-English Locale
16.5.3.15
Error Encountered on Trying to Modify a Resource Through the Resource Management Feature
16.5.3.16
BI Publisher Reports Do Not Work on Microsoft SQL Server
16.5.4
Globalization Known Issues
16.5.4.1
Installer Programs for Non-English Languages May Contain Some English Text
16.5.4.2
Some Administrative and User Console Windows Display Text for Default Locale Setting After Timing Out
16.5.4.3
Notes Field on the Task Details Page Not Localized For Reconciliation Tasks
16.5.4.4
English Characters Required for Some Attributes
16.5.4.5
Some Information in Workflow Visualizer May Be Displayed as Box Characters
16.5.4.6
Report in Non-English Environments Requires English Values for Filter Parameters
16.5.4.7
Deployment Manager Import and Export Features Include an Untranslatable String
16.5.4.8
Names of Log Files for Oracle Identity Manager Utilities Do Not Include Time Stamp for Some Non-English Locales
16.5.4.9
Pre-Populate Adapter Error Messages Do Not Support Localized Display of Date and Time
16.5.4.10
Some Asian Languages Not Displayed Correctly With Sun JDK 1.4
16.5.4.11
Names of IT Resource Parameters Displayed in the Administrative and User Console Are Not Localized
16.5.4.12
Inconsistent Ordering of Names in Columns of Some Reports in Non-English Environments
16.5.4.13
Error Message Displayed While Trying to Delete Menu Items Is Not Localized
16.5.4.14
Localization to the Chinese (Simplified), Chinese (Traditional), and Portuguese (Brazilian) Languages Not Supported
16.5.4.15
Group Name Field Is Displayed in English
16.5.4.16
Resource Bundle Entry for SoD Not Localized
16.5.4.17
UI Text on Generic Technology Connector Pages of Administrative and User Console Is Not Localized for the Arabic Language
16.6
Customizations
16.6.1
Customizations in Release 9.1.0.2
16.6.1.1
JavaServer Pages
16.6.1.2
Java Files
16.6.1.3
Properties File
16.6.2
Customizations in Release 9.1.0.1
16.6.2.1
JavaServer Pages
16.6.2.2
Java Files
16.6.2.3
Properties File
16.7
Related Documents