Skip Headers
Oracle® Access Manager Identity and Common Administration Guide
10
g
(10.1.4.2.0)
Part Number B32419-01
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in Oracle Access Manager?
Product and Component Name Changes
Globalization
Password Policies and Lost Password Management
Configuring Multiple Searchbases
Configuring Groups to Accept Subscriptions
Configuring Workflows
Configuring Group Manager
Configuring Org. Manager
Auditing
Logging
Configuring the Directory Server
Active Directory
Troubleshooting
Part I Introducing Oracle Access Manager Administration
1
Preparing for Administration
1.1
Prerequisites
1.2
About Identity System Configuration and Administration
1.2.1
Identity System Components
1.2.1.1
Review of Identity System Installation and Setup
1.2.1.2
About Configuring the Identity System
1.2.1.3
About Managing the Identity System
1.3
Introduction to Using Oracle Access Manager
1.3.1
Login
1.3.1.1
Logging In to the Identity System
1.3.1.2
Logging into the Access System
1.3.2
Functional Areas on a page
1.3.2.1
Navigation Elements
1.3.2.2
Search Functionality
1.3.3
The Selector
1.3.4
Online Help
1.3.5
The About Page Link
1.3.6
Logging Out
1.3.6.1
To log out
2
Specifying Identity System Administrators
2.1
About Identity System Administrators
2.2
Specifying Administrators
2.2.1
Deleting Administrators
2.3
Delegating Administration
2.3.1
About Delegating Administration
2.3.2
Delegated Administration Models
2.3.2.1
Extranet Model
2.3.2.2
Intranet Model
2.3.2.3
ASP Model
2.3.3
Adding Delegated Administrators
2.3.4
Adding Substitute Administrators
Part II Configuring the Identity System
3
Making Schema Data Available to the Identity System
3.1
About Object Classes
3.1.1
About Sending Data to External Systems Using Template Objects
3.1.2
The Process for Configuring Schema Data
3.1.3
Objects Configured During Installation
3.1.4
Structural and Auxiliary Object Classes in the Identity System
3.1.5
Template Object Classes
3.1.6
Object Class Types
3.2
Viewing Object Classes
3.3
Modifying Object Classes
3.3.1
Selecting a Class Attribute
3.3.2
Changing the Structural Object Class
3.4
Adding Object Classes
3.4.1
How Auxiliary Classes Are Used
3.5
Deleting Object Classes
3.6
About Object Class Attributes
3.6.1
About Configuring Attributes
3.6.2
Attribute Data Types
3.6.3
Attribute Semantic Types
3.6.3.1
Semantic Types Defined During Setup
3.6.3.2
Semantic Types Used in Profile Pages
3.6.3.3
Semantic Types Used in the Group Manager
3.6.3.4
Location Coordinates Semantic Type
3.6.3.5
Semantic Types for Managing Lost Passwords
3.6.3.6
Other Semantic Types
3.6.4
Attribute Display Types
3.7
Viewing Attributes
3.8
Configuring Attributes
3.8.1
Using Rules and Lists
3.8.1.1
Defining a Rule
3.8.1.2
Defining a List
3.8.2
Localizing Attribute Display Names
3.8.3
Search Filters for the Object Selector Display Type
3.8.4
Creating a Search Filter for the Object Selector Display Type
3.8.5
Search Filters for Multiple Target Object Classes
3.8.6
Deleting a Search Filter
3.8.7
Usage of Rules and Filters
3.8.7.1
Static LDAP Search Filters
3.8.7.2
Static Searches Using Wild Cards
3.8.7.3
Static Searches Using Multiple Target Object Classes
3.8.7.4
Substitution Syntax: Returning Targets that Match the DN of the Logged In User
3.8.7.5
Examples of Dynamic LDAP Search Filters
3.8.7.6
Dynamic Searches Using Wild Cards
3.8.7.7
Dynamic Searches Using Multiple Values
3.8.7.8
Use of the Not Operator
3.8.8
Configuring Other Display Types
3.9
Configuring Derived Attributes: Matching Values from Different Attributes
3.9.1
Example of a Derived Attribute
3.9.2
Assigning a Derived Attribute to a User Manager Tab
3.9.3
Permissions for Derived Attributes
3.10
Attributes Configured for an Individual Application
4
Configuring User, Group, and Organization Manager
4.1
About User, Group, and Organization Manager
4.2
Configuring Tabs
4.2.1
Viewing and Modifying Tab Configuration Information
4.2.2
Localizing Tabs
4.2.3
Adding a Tab to the Organization Manager
4.2.4
Specifying the Search Attributes on a Tab
4.2.5
Viewing, Modifying, and Localizing Attributes that Appear in Search Results
4.2.6
Adding Auxiliary and Template Object Classes to a User or Org. Manager Tab
4.2.7
Adding Auxiliary and Template Object Classes to a Group Tab
4.2.8
Configuring Group Manager Tab Options
4.2.9
Deleting a Tab in Organization Manager
4.2.10
Ordering the Tabs in Organization Manager
4.3
Configuring Tab Profile Pages and Panels
4.3.1
Use of LDAP and Template Objects on a Panel
4.3.2
Configuring the Header Panel
4.3.3
Viewing Panels That You Have Configured in the End User Application
4.3.4
Adding, Modifying, Localizing, and Deleting a Panel
4.3.4.1
LDAP and Template Attributes on a Panel
4.3.4.2
Multiple Languages on a Panel
4.3.4.3
Creating a Panel
4.3.4.4
Viewing, Modifying, and Localizing a Panel
4.3.5
Ordering the Panels
4.3.6
Viewing Group Type Panels
4.3.7
Adding, Modifying, Localizing, and Deleting a Group Type Panel
4.3.8
Modifying and Localizing Attributes Displayed on a Panel
4.4
Allowing Users to View and Change LDAP Data
4.4.1
About the Searchbase
4.4.2
Guidelines for Setting the Searchbase
4.4.2.1
If You Need to Modify a Searchbase
4.4.3
Indexing and the Searchbase
4.4.3.1
Indexing Requirements for Oracle Internet Directory
4.4.4
Setting the Searchbase
4.4.4.1
If You Set a Searchbase for a Group
4.4.5
Configuring and Deleting Disjoint Searchbases
4.4.6
Writing LDAP Filters Using Query Builder
4.4.6.1
Methods for Retrieving Matches
4.4.7
Building Advanced LDAP Filters Using QueryBuilder
4.4.8
About View and Modify Permissions
4.4.9
Setting and Modifying LDAP Attribute Permissions
4.4.10
Keys for Selecting Multiple Attributes
4.4.11
Evaluation of LDAP Attribute Permissions
4.5
Examples of Configuring an Application
4.5.1
Displaying Photos in User Profiles
4.5.1.1
Importing and Storing Photos in a Directory
4.5.1.2
Referencing Photos in a File System
4.5.1.3
The Default Photo Image
4.5.2
Enabling the Location Tab in Organization Manager
4.5.3
About Assigning the Right to Create Groups in Group Manager
4.5.4
Configuring a Group to Accept Subscriptions
4.6
End-User Scenarios for the Group Manager
4.6.1
Managing Group Members in Group Manager
4.6.2
Searching for Group Members
4.6.3
Deleting Group Members
4.6.4
Adding Group Members
4.6.5
Managing Group Subscriptions
4.6.6
Subscribing to Groups
4.7
Configuring Auditing Policies
4.7.1
Viewing Auditing Policies
4.7.2
Modifying Auditing Policies
4.8
Generating Reports
4.8.1
Configuring Reports
4.8.2
Viewing, Modifying, Localizing, and Deleting Reports
4.9
Advanced Configuration
4.9.1
Expanding Dynamic Groups
4.9.2
Modifying the Default Searchbase Scope
4.9.3
Simplified Attribute Permissions for a Group
4.9.3.1
Implementing Simplified Permissions
4.9.3.2
Sample gscaclparams.xml File
4.9.3.3
Simplified Permissions Reserved Words
4.9.4
Setting Container Limits in Organization Manager
4.9.4.1
Copying Container Limits
4.9.4.2
Modifying Container Limits
5
Chaining Identity Functions Into Workflows
5.1
About Workflows
5.1.1
How Workflows Are Initiated
5.1.2
Typical Workflow Examples
5.1.3
Advanced Workflow Options
5.1.4
Workflow Types
5.1.5
Creating Workflows
5.1.6
How Users Access Workflows in an Identity System Application
5.1.6.1
About Workflow Tickets
5.1.6.2
A Workflow Scenario
5.1.7
LDAP Versus Template Attributes in a Workflow
5.1.8
Workflow Types, Steps, and Actions
5.1.9
About Workflow Steps
5.1.10
About Step Actions
5.1.11
Descriptions of Step Actions
5.1.12
About Subflows
5.2
Using the QuickStart Tool
5.2.1
Creating a Self-Registration Workflow Using the Quickstart Tool
5.3
Using the Workflow Applet
5.3.1
Starting a New Workflow Definition
5.3.2
Defining an LDAP Target for Create Object Workflows
5.3.3
Defining the First Step in a Workflow
5.3.4
Defining Step Attributes
5.3.5
Defining Subsequent Steps
5.3.6
Committing Workflow Steps
5.3.7
Enabling a Workflow
5.3.8
Testing a Workflow
5.3.9
Example of Defining a Workflow
5.4
Defining a Subflow
5.4.1
Associating a Subflow with a Workflow
5.4.2
Approving Subflow Steps
5.5
Advanced Workflow Ticket Routing
5.5.1
Configuring Workflow Actions for Advanced Ticket Routing
5.5.2
About Notifying Newly Assigned Step Participants
5.5.3
Specifying Dynamic Participants
5.5.3.1
About Workflow Participants
5.5.3.2
About Workflow Ticket Routing
5.5.3.3
About Dynamic Participants
5.5.3.4
About Static Participants
5.5.3.5
About the Static Participants Not Available Button
5.5.3.6
Enabling Dynamic Participants
5.5.4
Specifying Surrogates
5.5.5
Enabling Time-based Escalation
5.6
Performing Asynchronous Operations
5.6.1
Notes on Asynchronous Workflows
5.7
Using a Workflow
5.7.1
Invoking a Workflow
5.7.2
Finding and Processing a Ticket
5.7.3
Deactivating and Reactivating Users
5.7.4
Reactivating a Deactivated User
5.7.5
Monitoring a Workflow
5.7.6
Archiving Requests
5.7.7
Deleting Requests
5.7.8
Preventing Other Administrators from Working on a Workflow Ticket
5.8
Managing Workflows
5.8.1
Viewing and Exporting a Workflow Summary
5.8.2
Copying a Workflow
5.8.3
Modifying a Workflow
5.8.4
Deleting a Workflow
5.8.5
Exporting Workflows
5.8.6
Viewing Workflow Panel Settings
5.8.7
Modifying the Appearance of Workflow Panels
5.8.8
Localizing Workflow Panels
5.8.9
Workflow Performance
5.8.10
The Identity Administrator's Modify Rights
5.9
Advanced Workflow Options
5.9.1
Pre and Post Actions
5.9.2
External Actions
5.9.3
Customization of Data and Actions in a Workflow
5.9.4
Adding Roles to a Workflow
5.10
Creating a Self-Registration Workflow
5.11
Creating a Location Workflow
6
Sending Non-LDAP Data to External Applications
6.1
About Configuring Non-LDAP Data
6.2
Summary of Using Non-LDAP Data in a Workflow
6.3
About Template Objects
6.4
About Template Object Data and Workflows
6.5
Object Template Configuration
6.5.1
Format of the Object Template File
6.5.2
How Template Objects Appear in the Identity System
6.5.3
Elements in an Object Template File
6.6
Sample Object Template File
6.7
Creating an Identity Event Plug-In for Template Attributes
7
Configuring Global Settings
7.1
Configuring Styles for Identity System Applications
7.1.1
Viewing a Style
7.1.2
Adding a Custom Style Directory
7.1.3
Deploying a Style
7.1.4
Changing a Style Name
7.1.5
Modifying a Style
7.1.6
Deleting a Style
7.1.7
Setting the Default Style
7.2
Configuring Multiple Languages for Oracle Access Manager
7.2.1
Selecting a Language for Administrative Pages
7.2.2
Language Evaluation Order for End-User Applications
7.3
Configuring Identity Server Settings
7.3.1
Configuring Session Timeout
7.3.2
Customizing Email Destinations
7.3.3
Configuring a Mail Server
7.3.4
Managing Caches
7.3.5
Managing Multiple Languages
7.4
Managing Identity Servers
7.4.1
Setting Up Multiple Identity Servers
7.4.2
Adding an Identity Server
7.4.3
Viewing and Modifying Identity Server Parameters
7.4.4
Deleting Identity Server Parameters
7.4.5
Managing an Identity Server Service from the Command Line
7.5
Managing Directory Server Profiles
7.5.1
About LDAP Directory Server Profiles
7.5.1.1
Locations for Directory Server Profiles
7.5.2
Creating an LDAP Directory Server Profile
7.5.3
Viewing an LDAP Directory Server Profile
7.5.4
Modifying an LDAP Directory Server Profile
7.5.5
Rerunning Setup Manually
7.5.5.1
Rerunning Identity System Setup
7.5.5.2
Rerunning Policy Manager Setup
7.5.5.3
Reconfiguring the Access Server
7.5.6
Adding Database Instances to LDAP Directory Server Profiles
7.5.6.1
LDAP Referrals
7.5.7
Deleting an LDAP Directory Server Instance
7.5.8
Working With Multiple Directory Searchbases
7.6
Managing RDBMS Profiles
7.6.1
Adding or Modifying an RDBMS Profile
7.6.2
Adding or Modifying an RDBMS Database Instance
7.7
Configuring WebPass
7.7.1
Viewing a Configured WebPass
7.7.2
Adding or Modifying a WebPass
7.7.3
Removing a WebPass
7.7.4
Modifying a WebPass from a Command Line
7.7.5
Managing Associations Between Identity Servers and WebPass
7.7.5.1
To view Identity Servers associated with a WebPass
7.7.5.2
To modify an Identity Server's connections to a WebPass
7.7.5.3
To associate an Identity Server with a WebPass
7.7.5.4
To configure the number of retries to a non-responsive Identity Server
7.7.6
Disassociating a WebPass from an Identity Server
7.7.7
Configuring the WebPass Poll Tracking Parameter
7.8
Configuring Password Policies
7.8.1
Order of Password Policy Evaluation
7.8.2
Managing Password Policies
7.8.2.1
Viewing Password Policies
7.8.2.2
Setting the Defaults or Global Settings for Different Types of Password Policies
7.8.2.3
Creating Password Policies for a Specific Domain
7.8.2.4
Modifying Password Policies
7.8.2.5
Deleting a Password Policy
7.8.3
Lost Password Management
7.8.3.1
Syntax for the Lost Password Management URL
7.8.3.2
About Presenting Challenge Phrases to Users
7.8.3.3
About Other Aspects of the Challenge and Response Page
7.8.3.4
How the User Experiences Lost Password Management with Multiple Challenges
7.8.3.5
Viewing and Configuring Lost Password Management Policies
7.8.4
Implementing Password Policies in the Access System
7.8.4.1
Modifying Authentication Schemes to Include a Password Policy
7.8.5
Configuring Password Redirect URLs
7.8.5.1
Configuring Redirection to a Password Reset Page After Password Expiry
7.8.5.2
Setting Up Password Expiry Warning Redirect URLs
7.8.5.3
Setting Up Redirect URLs for Account Lockout
7.8.6
Updates to the Access Server Cache
7.9
Configuring the Access Manager SDK for the Identity System
7.10
Cloned and Synchronized Components
Part III Performing Common Administrative Tasks
8
Changing Transport Security Modes
8.1
About Transport Security Modes
8.1.1
Transport Security Mode Between Components
8.1.2
About CA Certificates
8.2
Changing Transport Security for the Identity System
8.2.1
Transport Security Mode Changes for the Identity System
8.2.2
Changing to Simple Transport Security Mode
8.2.3
Changing to Cert Transport Security Mode
8.3
Changing Transport Security Modes for the Access System
8.3.1
Transport Security Mode Changes for the Access System
8.3.2
Changing to Open Transport Security Mode
8.3.3
Changing to Simple Transport Security Mode
8.3.4
Changing to Cert Transport Security Mode
8.4
Transport Security Changes for Directory Servers
8.5
Changing Transport Security Passwords
8.6
Importing Multiple CA Certificates
8.7
Changing Access Server Security Password
9
Reporting
9.1
About Reporting
9.1.1
Report Types
9.1.2
Data Sources
9.1.3
Data Output
9.1.4
Output Configuration
9.1.5
Data Uses
9.2
Summary of Reporting Features
10
Logging
10.1
About Logging, Log Levels, and Log Output
10.1.1
About Log Levels
10.1.2
About Capturing Stack Trace Data in the Log Files
10.1.3
About Log Output
10.2
About Log Configuration File Paths and Contents
10.2.1
Log Configuration File Paths and Names
10.2.2
Log Configuration File Contents
10.2.2.1
When Changes to the File Take Effect
10.2.2.2
About Comments in the Log File
10.3
About Directing Log Output to a File or the System File
10.4
Structure of the Log Configuration File
10.4.1
The Log Configuration File Header
10.4.2
The Initial Compound List
10.4.3
The Simple List, Logging Threshold, and Identity System Console Synchronization
10.4.4
The Second Compound List and Log Handlers
10.4.5
The List for Per-Module Logging
10.4.6
About XML Element Order
10.5
About Activating and Suppressing Logging Levels
10.5.1
About Log Handler Precedence
10.6
Log Configuration Parameters
10.6.1
Settings in the Default Log Configuration File
10.6.1.1
Description of the Settings in the Default Log Configuration File
10.7
Configuring Logs in the Identity System Console
10.8
Configuring Different Threshold Levels for Different Types of Data
10.8.1
About the MODULE_CONFIG Section
10.8.1.1
Location of the Per-Module Logging Section in the Log Configuration File
10.8.1.2
List of Modules That Can Be Logged
10.8.2
Configuring a Log Level Threshold for a Function or Module
10.9
Logging the Amount of Time to Process Requests
10.9.1
About the Calls Captured in the Request Timing Logs
10.9.2
About Interpreting Request Times in the Logs
10.9.3
Configuring the Log Files to Capture Time Data for External Requests
11
Auditing
11.1
About Auditing
11.2
Audit Output Considerations
11.2.1
Audit Security Considerations
11.2.2
Audit Performance Considerations
11.2.3
Static Audit Reports
11.2.4
Dynamic Audit Reports
11.2.5
Controlling Audit Output
11.2.6
About Audit Options
11.3
Auditing Requirements
11.3.1
Requirements for Auditing
11.3.2
Requirements for Auditing to a Database
11.3.2.1
Special Components for Database Auditing
11.3.2.2
Updates to Supported Versions and Platforms
11.4
Audit-to-Database Architecture
11.4.1
About OCI Settings
11.4.1.1
OCI Configuration for Oracle Access Manager 10.1.4.0.1
11.4.1.2
OCI Configuration for Oracle Access Manager 10.1.4.2
11.4.2
About ODBC Data Source Definitions
11.4.3
About ODBC Drivers
11.4.3.1
About the Windows ODBC Driver
11.4.4
About RDBMS Profiles for Database Auditing
11.4.4.1
About Profiles For Databases That Use an ODBC Connection Type
11.4.4.2
About Profiles For Databases That Use an OCI Connection Type
11.4.5
About the Audit Database
11.4.6
About the Crystal Repository
11.4.6.1
About Audit Reports
11.5
Setting Up File-Based Auditing
11.6
Setting Up Database Auditing
11.6.1
Setting Up Your System for Database Auditing
11.6.1.1
About installing SQL Server (Windows)
11.6.1.2
Creating the Audit Database
11.6.1.3
Tuning the Audit Schema
11.6.1.4
Uploading the Audit Schema
11.6.1.5
Enabling Access and Identity Servers to Connect to the Audit Database
11.6.2
Configuring Auditing
11.7
Setting up Audit Reports
12
SNMP Monitoring
12.1
Prerequisites
12.2
About Oracle Access Manager SNMP Monitoring and Agents
12.2.1
The SNMP Agent
12.3
About the Oracle Access Manager MIB and Objects
12.3.1
MIB Index Fields
12.3.2
Identity Server MIB Objects
12.3.3
Access Server MIB Objects
12.4
About Integration with Oracle Enterprise Manager 10g Identity Management
12.5
Enabling and Disabling SNMP Monitoring
12.6
Setting Up SNMP Agent and Trap Destinations
12.7
Changing SNMP Configuration Settings
12.8
Logging for SNMP
12.9
SNMP Messages
12.10
Discrepancies Between Netstat and SNMP Values
12.11
Configuring the Shutdown Interval
Part IV Appendices
A
Deploying with Active Directory
A.1
Setting Up Directory Profiles and Searchbases
A.1.1
Defining Directory Server Profiles for Remaining Domains
A.1.2
Setting Up Disjoint Searchbases
A.1.2.1
About Deleting a Disjoint Searchbase
A.1.3
Configuring Group-Search Read Operations (Optional)
A.2
Authentication and Authorization with Active Directory
A.2.1
Parent-Child Authentication
A.2.2
Parent-Child Authorization
A.2.3
ObMyGroups Action Attribute
A.3
Configuring the credential_mapping Plug-In
A.4
Configuring Single Sign-On for Use with Active Directory
A.5
About Search Filters
A.6
About the Length of the SAMAccountName
A.7
Configuring for .NET Features
A.8
Troubleshooting
A.9
Microsoft Resources
B
Configuring for ADSI
B.1
About ADSI with Oracle Access Manager
B.1.1
Recommendation
B.2
Identity System ADSI Configurations
B.2.1
Pure ADSI with ADSI Authentication
B.2.2
Mixed ADSI with LDAP Authentication
B.2.3
Bind Mechanisms for the Identity Server
B.2.4
Oracle Access Manager ADSI Configuration Files
B.2.4.1
About globalparams
B.2.4.2
About adsi_params
B.3
Access System ADSI Configurations
B.3.1
Pure ADSI with ADSI Authentication
B.3.2
Access System ADSI Configuration Files
B.4
Configuring ADSI for the Identity System
B.5
Enabling ADSI for a Default Directory Profile
B.6
Enabling ADSI for Other Directory Profiles
B.7
Configuring ADSI for the Access System
B.8
Changing the pageSize Parameter
B.9
Troubleshooting
C
Configuring for Active Directory with LDAP
C.1
Overview
C.2
Setting Up the Policy Manager for LDAP
C.3
Setting Up the Access Server for LDAP
C.4
Setting Active Directory Timeouts for LDAP
C.5
Enabling LDAP Authentication with ADSI
D
Implementing .NET Features
D.1
Resolving Ambiguous Names
D.1.1
About ANR Attributes, Searches, and Results
D.1.2
Configuring for ANR
D.1.2.1
Updating Configuration Data
D.1.2.2
Configuring ANR in Identity System Panels
D.1.2.3
Verifying ANR Attribute Access Control
D.1.2.4
Using ANR in Identity System Searches
D.2
Configuring for Dynamically Linked Auxiliary Classes
D.2.1
Adding Attributes Dynamically
D.2.2
Adding Attributes for a Group
D.3
Enabling Fast Bind for Access System Authentication
D.4
Enabling Impersonation
D.5
Setting Up Integrated Windows Authentication
D.5.1
Enabling IWA on the WebGate Web Server
D.5.2
Configuring the WebGate for IWA
D.5.3
Creating an IWA Authentication Scheme in Oracle Access Manager
D.5.4
Testing IWA Implementation
D.6
Using Access System Password Management
D.7
Using Managed Code and Helper Classes
D.8
Integrating with Authorization Manager Services
D.9
Integrating with Smart Card Authentication
D.10
Integrating the Security Connector for ASP.NET
D.11
Troubleshooting
D.12
Microsoft Resources
E
Oracle Access Manager Parameter Files
E.1
File Categories
E.2
For More Information on the Parameter Files
F
Troubleshooting Oracle Access Manager
F.1
Directory and Database Problems and Solutions
F.1.1
Problem Setting up SSL Between the Identity Server and Active Directory
F.1.2
Error Message to Check if the Directory Server is Running or Responding
F.1.3
Access Control and Searchbase Support for eDirectory 8.7.3
F.1.3.1
Problem
F.1.3.2
Solution
F.1.4
Unable to Save a Directory Server Profile
F.1.4.1
Problem
F.1.4.2
Solution
F.1.5
Active Directory: Adding Members Causes the Group Size to Shrink
F.1.6
ADSI Cannot Be Enabled for a Directory Profile
F.1.6.1
Problem
F.1.6.2
Solution
F.1.7
Database Validation Fails
F.1.7.1
Problem
F.1.7.2
Solution
F.2
Other Problems and Solutions
F.2.1
Auditing for the Identity System Ceases to Work
F.2.1.1
Problem
F.2.1.2
Solution
F.2.2
Identity Server Crashes if It Cannot Find a Stylesheet
F.2.2.1
Problem
F.2.2.2
Solution
F.2.3
Identity System Deletes a User Entry When an RDN Is Modified
F.2.3.1
Problem
F.2.3.2
Solution
F.2.4
JPEG Photo Images Are Not Updated
F.2.4.1
Problem
F.2.4.2
Solution
F.2.5
Memory Usage Rises for an Identity Server After Configuring a Directory Server Profile
F.2.5.1
Problem
F.2.5.2
Solution
F.2.6
Pass Phrase for Simple Transport Security Has Been Lost
F.2.7
Performance of a Component Performance is Slow
F.2.7.1
Problem
F.2.7.2
Solution
F.2.8
Reports With Non-ASCII Characters Are Not Imported Correctly in Excel
F.2.8.1
Problem
F.2.8.2
Solution
F.2.9
Simple Transport Security Mode Expires After One Year
F.2.9.1
Problem
F.2.9.2
Solution
F.2.10
Stylesheet Validation Fails
F.2.10.1
Problem
F.2.10.2
Solution
F.2.11
User Creation Might Fail When You Have Multi-byte Charcters in the Password
F.2.12
WebPass Is Unable to Connect to Its Associated Identity Server
F.2.12.1
Problem
F.2.12.2
Solution
F.3
Error Messages and Recommendations for Handling Them
F.3.1
"Cannot Find xenroll.cab" Error Is Issued When Using a Workflow
F.3.1.1
Problem
F.3.1.2
Solution
F.3.2
"Enable Failed" Error Is Issued When Using a Workflow
F.3.2.1
Problem
F.3.2.2
Solution
F.3.3
"There is No Profile Configured for This Kind of Object" Error Is Issued
F.3.3.1
Problem
F.3.3.2
Solution
F.3.4
"Warning: Page Has Expired" Error Is Issued
F.3.4.1
Problem
F.3.4.2
Solution
F.4
Capturing Diagnostic Information
F.4.1
About Oracle Access Manager Diagnostics
F.4.2
Collecting Diagnostic Data
F.4.3
Interpreting Diagnostic Output
F.4.3.1
Interpreting Diagnotic Output When the list Parameter Is Used
F.4.3.2
Interpreting Diagnostic Output When the detail Parameter Is Used
F.4.3.3
Interpreting the Diagnostic Data for Caches
F.4.4
Automatically Writing Stack Traces to a Log File After a Core Dump
F.4.5
Manually Requesting a Stack Trace
F.5
Need More Help?
Index