Index

A B C D E F G H I J L M N O P R S T U V W X

A

About

Daylight Savings Time, 7.4

access

policies, 1.6.2

Access Manager API, 1.4.8

Access Manager SDK

formerly named Access Server SDK, Preface

access policy data, 9.2

Access Server

failover, 4.4

failover to directory server, 4.8.2

load balancing, 4.1

primary, 2.3.1

recommendation, 2.3.1

recommendations, 1.4.3, 2.3.3.1

secondary, 2.3.1

WebGate ratio, 2.3.3.2

Access Server cluster, 4.2.2

Access Server SDK

now named Access Manager SDK, Preface

Access System

capacity planning, 2.3.3

recommendations, 1.6

tuning group evaluation, 3.6.6

AccessGate, 4.2.2

AccessGates, 1.4.8, 1.4.8

account lockout test case, 2.8.1.4

Active Directory

tuning, 3.1.14

administrative access

schema operations, 1.7.1

administrator

class, 1.6.2

AppDBfailover.xml, 4.8.2

application

tier, 1.1

timeouts, 1.4.7

attacks

cookie reply, 1.6.1

audit

data, 1.4.6

data recommendations, 1.4.6

reports, 1.4.6

audit trails, 1.4.6

authentication

form based, 1.6.5

scheme

default schemes, Preface

Authentication API, 1.4.8

authorization

filters, 1.6.2

rule, 1.6.2

Authorization API, 1.4.8

B

back up

after installing, 9.3.2

after upgrading, 9.3.5

before installing, 9.3.1

before upgrading, 9.3.4

customizations, 9.3.3

LDAP directory instances, 9.3.1

back-end customizations, 1.4.8

backup

full, 9.3

recommendations, 9.2

strategies, 9.1

baseline

performance data test cases, 2.8

performance test, 2.4.4

ratios, 2.4.4

throughput numbers, 2.4.4, 2.7

benchmark analysis, 1.4.9

best practices, 1.8

C

cache flush

load balancing, 4.1.1

capacity planning, 2

Access System, 2.3.3

catalogs

message, 9.2

parameter, 9.2

D

data

access policy, 9.2

configuration, 9.2

group, 9.2

user, 9.2

workflow, 9.2

data tier, 1.1

daylight savings time, 7.4

default

style, 1.5.1

deliverables

planning, 1.7.1

DenyOnNotProtected flag, 1.6.4

deploying

WebGates on reverse proxies, 1.6.3

deployment

categories, 1.3

category, 1.7.1

cross-over, 1.4.3

extranet, 1.3.1

general recommendations, 1.4

guidelines, 1.8

intranet, 1.3.2

intranet versus extranet, 1.7.1

large scale, 2.5

mid-sized, 2.5

planning, 1.7

planning overview, 1.7

scenarios, 1.2, 1.2, 1.7.1

scenarios, impact on performance, 2.3.3.1

small scale, 2.5

standardization, 1.7.1

type, 1.1, 1.7.1

directory, 8.2

changing directory settings, 6.1

customizations, 1.4.8

directory pool connections, 4.3.3

directory profile, 4.3.1

failover, 4.9

Directory Profile page, 4.3, 4.3.3

directory servers

failover, 4.4

load balancing, 4.1, 4.3

tuning search performance, 3.3.1.3

disk space sizing

LDAP, 2.6

DN references, 4.3, 4.5

documents

protect all on a Web server, 1.6.4

domain names, 8.2

dynamic group, 1.6.2

dynamic groups, 3.4.1.1, 3.6.6.1

E

encrypted password, 4.8.1

environment, 8.2

estimate

number of users, 2.2.2

Extensible Markup Language, 1.5.1

Extensible Style Language, 1.5.1

extranet

deployment, 1.3.1, 1.7.1

F

failover, 1.2, 4.4, 4.5, 4.9

based on number of LDAP connections, 4.9

based on timeouts

guidelines, 4.10.1

configuration data, 4.5, 4.8.1

directory servers, 4.5

heartbeat_enabled parameter, 4.9

heartbeat_ldap_connection_timeout_in_millis parameter, 4.9

LDAPOperationTimeout, 4.10

of WebGate to another Access Server, 4.6

of WebPass to another Identity Server, 4.6

policy data, 4.5, 4.8, 4.8.2

polling interval, 4.9

requirements, 2.5.1

settings recommended by Oracle, 4.9

Sleep For (Seconds) parameter, 4.9

Sleep For interval, 4.9

Time Limit, 4.10

user data, 4.7

when directory server response is slow, 4.10

Failover Threshold, 4.6, 4.7

file

misc.js, 1.5.1

files

configuration, 9.2

footprint

reference server, 2.5

form-based authentication, 1.6.5

full backup, 9.3

G

globalparams.xml, 4.9

GMT, 2.2.1.2

Greenwich Mean Time, see also GMT, 2.2.1.2

group

data, 9.2

dynamic, 1.6.2

management, 1.6.2

Group Manager

tuning, 3.4.3

group membership, 3.6.6

group object class

changing, 6.1

groups, 3.6.6

excluding member roles, 3.4.2.2

expanding automatically, 3.4.1.1

nested, 3.4.1.2

nested group evaluation, 3.4.1.2

performance of, 3.4.1.1, 3.6.6.1

tuning the Group Manager, 3.4.3

growth

system usage, 2.2.2

guidelines

deployment, 1.8

H

hardware

large deployments, 2.5.2

small to mid-size deployments, 2.5.1

heartbeat, 4.9

heartbeat_enabled parameter, 4.9

heartbeat_ldap_connection_timeout_in_millis parameter, 4.9

historical data, 2.2

horizontal data migration, 8.2

hostnames, 8.2

hotfix release number, 1.7.1

I

Identity Event API, 1.4.8

Identity Server

failover, 4.4

load balancing, 4.1

primary, 2.3.1

recommendation, 2.3.1

recommendations, 1.4.3

recycle instance name, 1.5.2

secondary, 2.3.1

Identity System

deployment, 1.1

performance, 3.4

pooling, 3.3.3

pooling Identity Servers, 3.3.3

recommendations, 1.5

style sheets, tuning, 3.3.4

tuning search, 3.3.1

IdentityXML, 1.4.8, 3.4.1.2

Initial Connections, 4.2, 4.3.3

installation

preparation worksheets, 1.7.1

integrated baseline performance test case, 2.8.3

intranet

deployment, 1.3.2, 1.7.1

intranet versus extranet deployment, 1.7.1

IP addresses, 8.2

reverse proxy, 1.6.3

IP validation, 1.6.1, 1.6.3

J

JavaScript code, 1.5.1

joint Identity and Access System deployment, 1.1

L

large scale deployment, 2.5

hardware, 2.5.2

LDAP, 8.2

directory considerations, 2.6

directory recommendations, 1.4.5

directory server, 1.4.5

LDAP bind password

changing, 6.3

LDAP data

load balancing, 4.1.1

LDAP directory

server requirements, large deployments, 2.6.2

server requirements, small to medium deployments, 2.6.1

LDAP replica, 2.6

LDAP replication

load balancing, 4.1.1

LDAP tools

LDAPMODIFY, 3.2.2

LDAPSEARCH, 3.2.1.1

view LDIFs, 3.2.1

LDAPOperationTimeout parameter, 4.10

library files, 9.2

load

balancing, 1.2

combined, 2.3.1

test, 1.4.9

load balancing, 4.1

configuration data, 4.3.2

directory servers, 4.3

policy data, 4.3.2, 4.3.2

user data, 4.3.1

loginNavi test case, 2.8.2.2

lost password test case, 2.8.1.2

M

management

groups, 1.6.2

Maximum Active Servers, 4.3.1, 4.3.2, 4.3.2

Maximum Connections, 4.2, 4.3.2, 4.3.2, 4.3.3

medium-sized deployment, 2.5

memory sizing

LDAP server, 2.6

meta-data

load balancing, 4.1.1

MetaLink, 1.4

misc.js file, 1.5.1

multi-mastered directories, 4.1.1

N

name changes, Preface

names, new, Preface

nested groups, 3.6.6.2

NetPoint

now named Oracle Access Manager, Preface

NetPoint SAML Services

now named Oracle Identity Federation, Preface

network traffic, 2.2

O

obencrypt tool, 4.8.1

oblix tree, 9.1, 9.2, 9.3

ObMyGroup, 3.6.6.3

Oracle Access Manager

formerly NetPoint or COREid, Preface

Oracle Application Server Best Practices Guide, 1.8

Oracle Identity Federation, Preface

formerly SHAREid, Preface

Oracle Internet Directory

load balancing, 4.1.1

overview

deployment planning, 1.7

P

parameter catalogs, 9.2

patchset release number, 1.7.1

peak load, 2.1, 2.2.2

perfomance tuning

group evaluation in the Access System, 3.6.6

performance

access control policies for groups, 3.4.2.2

and Identity System style sheets, 3.3.4

baseline test cases, 2.8

directory server profile tuning, 3.3.1.3

LDAP search, tuning, 3.3.1, 3.3.1.3

ObMyGroup configuration, 3.6.6.3

of dynamic vs static groups, 3.4.1.1, 3.6.6.1

of nested groups, 3.6.6.2

of the Identity System, 3.4

restricting the operators used in a search, 3.3.1.1

test, baseline, 2.4.4

thread-safe applications, 3.3.2

tuning My Groups pages, 3.4.3.1

tuning the Group Manager, 3.4.3

WebGate impact on Web server, 2.3.3.3

performance tuning

Access Server

reducing instability, 3.6.4

Access Server password validation, 3.6.1

Access System, 3.6

AccessGates, 3.6.5

administrator permissions, 3.1.7

applying search constraints, 3.1.9

archiving workflows, 3.1.6

authorization queries, 3.6.3

cache settings, 3.1.12

cache, number of elements, 3.7.5

caches, 3.7

deleting workflows, 3.1.6

directory connection pool size, 3.1.2

directory content, changing, 3.1.11

directory performance, 3.1.1

directory-to-Access Server connections, 3.1.5

for Active Directory, 3.1.14

group authorization, 3.6.6

Group Manager, 3.4.3

groups

dynamic versus static, 3.4.1.1

large static groups, 3.4.2

groups in the Access System, 3.6.6

Identity Server file system, 3.3.4

Identity Server virtual address space, 3.3.5

Identity System groups, 3.4

Identity System search, 3.3.1

Identity System tuning, 3.3

Identity System-to-directory connections, 3.1.10

indexing attributes, 3.1.4

LDAP tools for, 3.2

LDAPMODIFY, 3.2.2

network tuning, 3.8

ObMyGroups, 3.6.6

passwords, 3.9.3

plug-ins, 3.9.4

resource-intensive operations, 3.9

searchbase configuration, 3.1.8

storing of workflow tickets, 3.1.3

threads and queues, 3.6.2

URL prefix cache, 3.7.3

user cache, 3.7.2

user ID cache, 3.4.4

WebGate cache, 3.7.4

workflows, 3.5

person object class

changing, 6.1

pitfall, 1.6.3

planning, 1.7

considerations for extranet and intranet deployments, 1.3

deliverables, 1.7.1

overview, 1.7

plug-ins, 1.4.8, 1.4.8

performance of, 3.3.2

policies

access, 1.6.2

protect all documents on a Web server, 1.6.4

policy data, 4.3

failover, 4.5, 4.8, 4.8.2

load balancing, 4.1.1, 4.3.2

policy domain

default, Preface

Policy Manager, 1.6.3

failover, 4.4

Policy Manager API, Preface

policy tree, 4.3

polling interval, 4.9

preparation

installation worksheets, 1.7.1

presentation

tier, 1.1

PresentationXML, 1.4.8, 1.5.1, 1.5.1

primary

Access Server, 2.3.1

Identity Server, 2.3.1

primary versus secondary servers, 4.4.1

Procedure

Backing up

To back up critical details after installation, 9.3.2

To back up critical information before installing Oracle Access Manager, 9.3.1

To back up customizations, 9.3.3

Connection pooling

To adjust directory connection pooling from the directory profile, 4.3.3

To adjust directory connection pooling using the ConfigureAAAServer tool, 4.3.3

Failover

To add a failover directory server using the ConfigureAAAServer tool, 4.8.2

To configure Access Server failover for configuration and policy data, 4.8.2

To configure directory failover for user data, 4.7

To configure failover for Web component requests, 4.6

To configure Identity Server directory failover for configuration data, 4.8.1

To configure Policy Manager failover, 4.8.2

To create failover.xml, 4.8.1

To create the encrypted password for the bind DN, 4.8.1

Load balancing

To configure load balancing for user data, 4.3.1

To configure simple round-robin load balancing, 4.2.1

To configure weighted round-robin load balancing of Web component requests, 4.2.2

MetaLink, 1.4

To locate knowledge base articles on MetaLink, 7.4

Peak Load

To base your estimate on the peak load for the deployment, 2.2.1.1

To estimate the peak load based on the number of logged-in users, 2.2.1.2

Recovery

To recovery critical information after installing Oracle Access Manager, 9.4.1

Sizing

To determine the load and sizing for Access and Identity Servers, 2.4.4

To avoid creating tickets for every workflow step, 3.1.3.1

To configure the amount of time to wait for a response before failing over, 4.10.2

To delete or archive a workflow, 3.1.6

To eliminate greater than and less than search operations, 3.3.1.1

To increase the connection pool size for user data, 3.1.2.2

To modify results for a policy or policy domain name search, 3.1.11.1

To modify the evaluation of a large static group, 3.4.2.3

To require the user to enter a minimum number of characters in a search field, 3.3.1.2

To restrict the number of entries returned on a search, 3.3.1.3

To set a minimum number of search characters, 3.1.4.5

To set the polling interval in the Access System, 4.9

To set the polling interval in the Identity System, 4.9

To set the time limit for establishing a connnection to the directory, 4.9

To test for the optimal LDAPOperationTimeout value, 4.10.3

To tune the performance of the My Groups page, 3.4.3.1

To turn off nested group evaluation for the Access System, 3.6.6.2

To turn off nested group evaluation in the Identity System, 3.4.1.2

To turn the heartbeat mechanism on or off, 4.9

projections, 2.2

protect

all documents on a Web server, 1.6.4

proxy, 1.6.3

pitfall, 1.6.3

processes, 1.6.3

servers, 1.6.3

R

ratio

Access Servers to WebGates, 2.3.3.2

recommendation

Access Server, 2.3.1, 2.3.3.1

Identity Server, 2.3.1

recommendations

Access Server, 1.4.3

Access System, 1.6

back up, 9.2

general, 1.4

Identity Server, 1.4.3

Identity System, 1.5

LDAP directory, 1.4.5

security, 1.4.1

standardization, 1.4.2

upgrading customizations and plug-ins, 1.4.8

Web server, 1.4.4

recovery, 9.4.2

strategies, 9.1, 9.1, 9.4.2

recycle

Identity Server instance name, 1.5.2

reference server footprint, 2.5

referential integrity, 4.3

replica

LDAP Directory, 2.6

replicated directory, 1.2

requests per second, 2.2.2

requirements

failover, 2.5.1

restore

LDAP directory instances, 9.4.1

re-use

Identity Server instance name, 1.5.2

reverse proxy, 1.6.1

pitfall, 1.6.3

topology, 1.6.1

WebGates, 1.6.3

revert changes, 9.1

roll back

changes, 9.1

round robin configuration

load balancing, 4.1.1

round-robin

load balancing, 4.3

round-robin configuration

load balancing, 4.2.1

S

sample deployment

medium to large scale, 2.7

sample failover.xml, 4.8.1

sample_failover.xml template, 4.8.1

Sarbanes-Oxley, 6.3

scale out, 2.4.2

scale up, 2.4.1

scaleability characteristics, 2.1

scenario

deployment, 1.7.1

scenarios

deployment, 1.2

schema, 9.2

schema operations

administrative access, 1.7.1

guidelines for tuning, 3.3.1

limiting the number of entries returned on a search, 3.3.1.3

search bar, tuning, 3.3.1.1

setting the minimum number of characters, 3.3.1.2

tuning, 3.3.1.2

secondary

Access Server, 2.3.1

Identity Server, 2.3.1

secure cookies, 1.6.1

security

recommendations, 1.4.1

risk

WebGate IP validation off, 1.6.3

self registration test case, 2.8.1.1

server

capacity, 2.3.1

sizing, 2.2

sizing, small to mid-sized deployment, 2.5.1

utilization, 2.3.1

service thread, 4.3.3

setup

re-running, 6.2

SHAREid

now named Oracle Identity Federation, Preface

single idle timeout, 1.4.7

single sign-on

Web server SSL, 1.6.1

sizing, 2.1

LDAP disk space, 2.6

LDAP server memory, 2.6

Sleep For, 4.7

Sleep For (Seconds) parameter, 4.9

Sleep For Interval, 4.6

Sleep For interval, 4.9

small scale deployment, 2.5

Software developer kit (SDK), 9.2

specific settings, 8.2

SSL

Web server, 1.6.1

standard deviation, 2.2.1.2

standardization, 1.4.2

deployment, 1.7.1

stateless system, 2.2

strategies, 9.4.2

backup, 9.1

recovery, 9.1

style, 1.4.8

default, 1.5.1

style sheets, 3.3.4

style0, 1.5.1

stylesheets, 1.5.1, 9.2

support information, 1.4

system

capacity requirements, 2.2.1.1

configuration

impact on performance, 2.3.3.1

usage growth, 2.2.2

system load, 2.1

system reconfiguration, 6

T

Task overview

Configuring directory failover for configuration and policy data, 4.8

Configuring Identity Server failover for Configuration data, 4.8.1

Developing your planning deliverables, 1.7.1

Planning for the upgrade, 1.7

test cases

baseline performance data, 2.8

thread safe applications, 3.3.2

throughput

numbers, baseline, 2.4.4

ratio tests, 2.4.3

tier

application, 1.1

data, 1.1

presentation, 1.1

Time Limit parameter, 4.10

time management, 7.4

timeout

application, 1.4.7

Timeout Threshold, 4.6

topology, 1.6.1

total maximum users, 2.2.2

transaction throughput, 2.2

transactions-per-second, 2.2.2

type

deployment, 1.7.1

U

unauthorized clients, 1.6.1

Universal Time Coordinated, see also UTC, 2.2.1.2

upgrade, 8.1

upgrading, 1.4.8

back up after, 9.3.5

back up before, 9.3.4

user

data, 9.2

user data, 4.5

failover, 4.5, 4.7

load balancing, 4.1.1, 4.3.1

users

estimate the number of, 2.2.2

total maximum, 2.2.2

UTC, 2.2.1.2

utilization, 2.3.1

V

viewGroupMembers, 3.4.1.2

virtual hosts intercept requests sent to reverse proxy, 1.6.3

W

Web components

load balancing, 4.2

Web server

performance due to WebGate, 2.3.3.3

recommendations, 1.4.4

SSL and single sing-on, 1.6.1

Web server configuration, 9.2

WebGate

Access Server ratio, 2.3.3.2

failover, 4.4, 4.6

impact on Web server performance, 2.3.3.3

load balancing, 4.1

WebPass

failover, 4.4, 4.6

load balancing, 4.1, 4.2.1

WebResrcDBfailoverxml, 4.8.2

weighted round-robin

load balancing, 4.2.2

workflow data, 9.2

worksheets

installation, 1.7.1

World Time, see also GMT, 2.2.1.2

X

XML files, 4.3

XMLSpy, 1.5.1

XSL programming, 1.5.1