Oracle® Access Manager Identity and Common Administration Guide 10g (10.1.4.2.0) Part Number B32419-01 |
|
|
View PDF |
This section describes new features of Oracle Access Manager 10g (10.1.4.0.1) and provides pointers to additional information within this book. Information from previous releases is also retained to help those users migrating to the current release.
The following sections describe the new features in Oracle Access Manager that are covered in this book:
Note:
For a comprehensive list of new features and functions in Oracle Access Manager 10g (10.1.4.0.1), and a description of where each is documented, see the chapter on What's New in Oracle Access Manager in the Oracle Access Manager Introduction.The original product name, Oblix NetPoint, has changed to Oracle Access Manager. Most component names remain the same. However, there are several important changes that you should know about, as shown in the following table:
All legacy references in the product or documentation should be understood to connote the new names.
As part of the globalization support, some file formats have changed from the proprietary .lst format to .xml
Oracle Access Manager 10g Release 3 (10.1.4) has undergone a globalization process to provide multibyte support that enables processing of internationalized data and messages in the user's native language.
password.xml; globalparams.xml; obscoreboard; AppDBfailover.xml and AppDB.xml; ConfigDBfailover.xml and ConfigDB.xml; WebResrcDBfailover.xml -- now WebResrcDB.xml; snmp_agent_config_info.xml; obscoreboard_params.xml
See Also:
References to these file names in this manual.Oracle Access Manager uses a locale-based case insensitive sorting method when you click the column heading (Full Name, for example) in the search results table.
See Also:
"Search Functionality".In the Identity System Console, some display names are displayed incorrectly if the locale of the browser is different from the locale of the characters used in the display name.
When generating a report for an Identity application, save the report file as .txt and re-import it for the characters to display correctly.
Password policies and Lost Password Management have been enhanced.
You can configure the minimum and maximum number of characters users can specify in a password.
See Also:
"Managing Password Policies".For lost password management, you can set multiple challenge-response pairs, create multiple stylesheets, and configure other aspects of the user's lost password management experience.
See Also:
"Lost Password Management".You can redirect users back to the originally requested page after resetting a password.
You can enable users to access resources without re-authenticating after resetting a password.
This book contains expanded information on configuring Oracle Access Manager for multiple directory searchbases, also called disjoint domains or realms.
Information has been added on enabling legacy groups to accepting user subscriptions.
This book contains expanded information on configuring workflows for dynamic targets.
You can dynamically assign a user to a target on a create user workflow. For example, you can define a create user workflow that enables user A to log in under ou=users, invoke the workflow, and create user B whose entry is automatically determined to be in the same ou as user A. This ability always existed in the Identity System, and is now explicitly documented in the chapter on workflows.
The section on the QuickStart tool now mentions that only Master Administrators can use the QuickStart tool.
You may receive an error when viewing or managing a static nested group. Administrators can now disable processing of nested static groups for performance reasons.
The section on configuring panel now notes that you should configure at least one panel for Org. Manager. This is required to enable users to save profile data.
You can now audit to an Oracle Database as well as to Microsoft SQL Server. Support for MySQL is deprecated in this release.
The Crystal Reports package is no longer provided with the Oracle Access Manager package. You must obtain this product from the vendor.
See Also:
"Auditing".Changes to logging parameters take effect within one minute, rather than requiring you to restart the server where the changes were made.
See Also:
"Logging".If Oracle Access Manager experiences a core dump, a stack trace is automatically written to the log file if you have enabled logging.
For keeping log output concise while diagnosing particular problems, you can configure different log level thresholds for different modules within a log configuraiton file. For example, if you want to diagnose slow response times for an Identity Server's LDAP directory, you would only be interested in detailed logs for LDAP operations.
For capacity planning and performance tuning purposes, you can log the time it takes to process calls to external components. For example, when performing capacity planning, you may want to know what calls to the directory server are taking the most time.
When you configure SSL mode for the directory server, only server authentication is supported. Client certificates are not supported.
See Also:
"Transport Security Mode Between Components".The default value for the Maximum Session Time of 0 (no maximum) can cause LDAP caches to become too large. The recommended value is 600 (10 hours).
See Also:
"Creating an LDAP Directory Server Profile".The samAccountNameLength parameter enables you to increase the number of characters permitted as a SamAccountName attribute value. For Active Directory environments that are running in native mode, you may want to increase the default value for this parameter.
See Also:
"About the Length of the SAMAccountName".Information on troubleshooting that was dispersed throughout this manual has been consolidated in a separate appendix.
See Also:
"Troubleshooting Oracle Access Manager".You can now write diagnostic information to a log file and collect stack traces.
The Access Server and Identity Server provide diagnostic tools to help you work with an Oracle Technical Support representative to troubleshoot problems. These tools are not for day-to-day administration. Their purpose is to help you investigate problems that require assistance from Oracle Technical Support.
See Also:
"Capturing Diagnostic Information".New troubleshooting topics have been added.
See Also:
"Access Control and Searchbase Support for eDirectory 8.7.3"
""There is No Profile Configured for This Kind of Object" Error Is Issued"
"Error Message to Check if the Directory Server is Running or Responding"
"Active Directory: Adding Members Causes the Group Size to Shrink"
"Identity System Deletes a User Entry When an RDN Is Modified"
"WebPass Is Unable to Connect to Its Associated Identity Server"
"Simple Transport Security Mode Expires After One Year", "JPEG Photo Images Are Not Updated"
""Cannot Find xenroll.cab" Error Is Issued When Using a Workflow"
"Reports With Non-ASCII Characters Are Not Imported Correctly in Excel"