| Oracle® Application Server Release Notes 10g (10.1.4.0.1) for Solaris Operating System (x86) and Solaris Operating System (x86-64) Part Number B32092-01 |
|
|
View PDF |
| Oracle® Application Server Release Notes 10g (10.1.4.0.1) for Solaris Operating System (x86) and Solaris Operating System (x86-64) Part Number B32092-01 |
|
|
View PDF |
This chapter describes issues for both the Oracle Delegated Administration Services (DAS) and the Oracle Internet Directory Self-Service Console. It includes the following topics:
This section describes general issues and their workarounds for Oracle Delegated Administration Services. It includes the following topics:
By default, the installation process does not enable SSL for Oracle Delegated Administration Services. Following the installation process, Oracle recommends that you enable SSL mode for Oracle Delegated Administration Services by following the instructions in Oracle Application Server Administrator's Guide.
If you enter a single percent sign (%) or asterisk (*) wildcard character when searching for users or groups in the Oracle Internet Directory Self-Service Console, no results are returned. To return a list of all users or groups, do not enter any characters in the search box in the Search for Users or Search for Groups windows.
When an Oracle Delegated Administration services instance is configured to use SSL, or if you change the host and port where the instance is deployed, the Oracle Internet Directory Self-Service Console link does not work in Oracle Identity Manager Grid Control Plug-in. To resolve this issue, perform the following steps to manually configure the Oracle Internet Directory Self-Service Console link on the Oracle Identity Manager Grid Control Plug-in page.
Start Oracle Enterprise Manager 10g Grid Control Console.
Click the Targets tab, and then click the Identity Management subtab.
Select the Oracle Delegated Administration Services instance that you need to update and click Configure.
Modify the properties as necessary.
This section describes administration issues and their workarounds for Oracle Delegated Administration Services. It includes the following topic:
To disable password change and reset functionality, assign a value of false to the RESET_PASSWD_ENABLED parameter in the $ORACLE_HOME/ldap/das/das.properties file. This removes the Forgot Your Password? link from the Oracle Internet Directory Self-Service Console home page and the Manage My Password link from the My Profile tab.
Disabling password change and reset functionality only applies to users; the Forgot Your Password? link on the Oracle Internet Directory Self-Service Console home page and the Manage My Password link on the My Profile tab are always available to administrators, regardless of the value assigned to the RESET_PASSWD_ENABLED parameter.
Various application, including OracleAS Portal, use Oracle Delegated Administration Services to reset Oracle Application Server Single Sign-On passwords. Users can reset their own passwords by clicking on a link in the source application, which opens the Reset My Single Sign-On Password page in Oracle Internet Directory Self-Service Console. However, when users click the OK button after resetting their passwords, or if they click the Cancel button to abort the password change process, they are redirected to the Oracle Delegated Administration Services home page instead of to the referring application page.
To redirect users to a location other than the Oracle Delegated Administration Services home page, append a query string containing the correct return URLs to the link on the referring application page. Include in the query string two name=value pairs for the doneURL and the cancelURL attributes. The doneURL attribute identifies the redirect URL to call when users click the OK button and the cancelURL attribute identifies the redirect URL to call when users click the Cancel button. The following example demonstrates how to build a URL to the Change Application Password page that includes the doneURL and the cancelURL attributes:
http://host:port/oiddas/ui/oracle/ldap/AppStep1ResetPwd? cancelURL=http://www.domain.com&doneURL=http://www.domain.com
