1/26
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Enterprise Deployment Overview
1.1
What is an Enterprise Deployment?
1.2
Terminology
1.3
Benefits of Oracle Recommendations
1.3.1
Built-in Security
1.3.2
High Availability
1.4
The Enterprise Deployment Reference Topologies
1.4.1
Topology 1 - Oracle Access Manager 11g
1.4.1.1
Understanding the Directory Tier
1.4.1.2
Understanding the Application Tier
1.4.1.3
Understanding the Web Tier
1.4.2
Topology 2 - Oracle Access Manager 10g and Oracle Identity Manager 11g
1.4.2.1
Understanding the Directory Tier
1.4.2.2
Understanding the Application Tier
1.4.2.3
Understanding the Web Tier
1.4.3
Topology 3 - Oracle Access Manager 11g and Oracle Identity Manager 11g
1.4.3.1
Understanding the Directory Tier
1.4.3.2
Understanding the Application Tier
1.4.3.3
Understanding the Web Tier
1.4.4
Topology 4 - Oracle Adaptive Access Manager 11g
1.4.4.1
Understanding the Directory Tier
1.4.4.2
Understanding the Application Tier
1.4.4.3
Understanding the Web Tier
1.4.5
Topology 5 - Oracle Identity Federation 11g
1.4.5.1
Understanding the Directory Tier
1.4.5.2
Understanding the Application Tier
1.4.5.3
Understanding the Web Tier
1.5
Using This Guide
2
Prerequisites for Enterprise Deployments
2.1
Hardware Resource Planning
2.2
Network Prerequisites
2.2.1
Load Balancers
2.2.2
Configuring Virtual Server Names and Ports on the Load Balancer
2.2.3
Administration Server Virtual IP Address
2.2.4
Managing Oracle Fusion Middleware Component Connections
2.2.5
Oracle Access Manager Communication Protocol and Terminology
2.2.5.1
Oracle Access Manager Protocols
2.2.5.2
Overview of User Request
2.2.6
Firewall and Port Configuration
2.3
WebLogic Domain Considerations
2.4
Shared Storage and Recommended Directory Structure
2.4.1
Directory Structure Terminology and Environment Variables
2.4.2
Recommended Locations for the Different Directories
3
Configuring the Database Repositories
3.1
Real Application Clusters
3.2
Configuring the Database for Oracle Fusion Middleware 11g Metadata
3.3
Executing the Repository Creation Utility
3.3.1
Procedure for Executing RCU
3.3.2
RCU Example
4
Installing the Software
4.1
Introduction
4.2
Using this Guide
4.3
Software Installation Summary
4.4
Installing Oracle HTTP Server on WEBHOST1 and WEBHOST2
4.4.1
Prerequisites
4.4.1.1
Check Port 7777
4.4.1.2
Check oraInst.loc
4.4.2
Installation
4.4.3
Upgrading Oracle HTTP Server from 11.1.1.2 to 11.1.1.3
4.5
Installing Oracle Fusion Middleware
4.5.1
Installing Oracle Fusion Middleware Components
4.5.2
Installing Oracle Fusion Middleware Home
4.5.3
Installing Oracle WebLogic Server
4.5.4
Installing the OIM Platform and Directory Services Suite
4.5.5
Installing the Oracle SOA Suite
4.6
Upgrading the Oracle Homes for Oracle Identity Management Suite and Oracle SOA from 11.1.1.2 to 11.1.1.3
4.6.1
Upgrading the Oracle Identity Management Platform and Directory Services Suite Oracle Home
4.6.2
Upgrading the Oracle SOA Suite Oracle Home
4.6.3
Installing the Oracle Identity Management Suite
4.7
Patching the Software
4.7.1
Patch 9674375
4.7.2
Patch 9817469
4.7.3
Patch 9882205
4.7.4
Patch 9745107
4.7.5
Patch 9449855
4.7.6
Patch 9477292
4.7.7
Creating the wlfullclient.jar File
4.7.8
Provisioning the OIM Login Modules Under the WebLogic Server Library Directory
4.7.9
Patch 9847606
4.8
Upgrading Existing Enterprise Deployment Topologies
4.9
Backing Up the Installation
5
Configuring the Web Tier
5.1
Configuring the Web Tier
5.2
Configuring the Oracle Web Tier
5.2.1
Validating the Installation
5.3
Configuring Oracle HTTP Server with the Load Balancer
5.4
Configuring Virtual Hosts
5.5
Validating the Installation
5.6
Backing up the Web Tier Configuration
6
Creating the WebLogic Server Domain for Identity Management
6.1
Enabling ADMINVHN on IDMHOST1
6.2
Running the Configuration Wizard on IDMHOST1 to Create a Domain
6.3
Creating boot.properties for the Administration Server on IDMHOST1
6.4
Starting Node Manager on IDMHOST1
6.5
Updating the Node Manager Credentials
6.6
Disabling Host Name Verification for the Oracle WebLogic Administration Server
6.7
Stopping and Starting the WebLogic Administration Server
6.8
Validating the Administration Server
6.9
Configuring Oracle HTTP Server for the Administration Server
6.10
Registering Oracle HTTP Server With WebLogic Server
6.11
Setting the Front End URL for the Administration Console
6.12
Validating Access Through Oracle HTTP Server
6.13
Manually Failing Over the Administration Server
6.13.1
Failing over the Administration Server to IDMHOST2
6.13.2
Starting the Administration Server on IDMHOST2
6.13.3
Validating Access to IDMHOST2 Through Oracle HTTP Server
6.13.4
Failing the Administration Server Back to IDMHOST1
6.14
Backing Up the WebLogic Domain
7
Extending the Domain with Oracle Internet Directory
7.1
Prerequisites for Configuring Oracle Identity Directory Instances
7.1.1
Synchronizing the Time on Oracle Internet Directory
7.2
Configuring the Oracle Internet Directory Instances
7.2.1
Configure the First Oracle Internet Directory Instance
7.2.2
Configuring an Additional Oracle Internet Directory Instance
7.3
Post-Configuration Steps
7.3.1
Registering Oracle Internet Directory with the WebLogic Server Domain
7.4
Validating the Oracle Internet Directory Instances
7.5
Backing up the OID Configuration
8
Extending the Domain with Oracle Virtual Directory
8.1
Prerequisites for Configuring Oracle Virtual Directory Instances
8.1.1
Software, Network, and Directory Structure
8.2
Configuring the Oracle Virtual Directory Instances
8.2.1
Configuring the First Oracle Virtual Directory Instance
8.2.2
Configuring an Additional Oracle Virtual Directory
8.3
Post-Configuration Steps
8.3.1
Registering Oracle Virtual Directory with the Oracle WebLogic Server Domain
8.3.2
Creating Server Certificates for the Oracle Virtual Directory Instances
8.3.3
Configuring Adapters in Oracle Virtual Directory
8.4
Validating the Oracle Virtual Directory Instances
8.5
Backing Up the Oracle Virtual Directory Configuration
9
Extending the Domain with Oracle Directory Integration Platform and ODSM
9.1
Extending the Oracle WebLogic Domain with Oracle Directory Integration Platform and ODSM
9.2
Expanding the Oracle Directory Integration Platform and ODSM Cluster
9.2.1
Installing and Configuring Oracle Directory Integration Platform and ODSM on IDMHOST2
9.2.2
Post-Installation Steps
9.2.2.1
Copying the DIP Application from IDMHOST1 to IDMHOST2
9.2.2.2
Setting the Listen Address for the Managed Servers
9.2.2.3
Starting the Managed Server on IDMHOST2
9.3
Provisioning the Managed Servers on the Local Disk
9.4
Configuring ODSM to work with the Oracle Web Tier
9.4.1
Prerequisites
9.4.2
Configuring Oracle HTTP Servers to Access the ODSM Console
9.5
Validating the Application Tier Configuration
9.5.1
Validating Oracle Directory Services Manager
9.5.2
Validating Oracle Directory Integration Platform
9.6
Creating the Oracle Internet Directory Adapter Using ODSM
9.7
Backing Up the Application Tier Configuration
10
Extending the Domain with Oracle Access Manager 10g
10.1
Introduction to Installing Oracle Access Manager
10.1.1
Using 10
g
Oracle Single Sign-On and Delegated Administration Services
10.1.2
Using Different LDAP Directory Stores
10.1.2.1
Using Oracle Virtual Directory as the Identity Store
10.2
Prerequisites
10.2.1
Making libgcc_s.so.1 and libstdc++.so.5 Available
10.2.2
Working Around the Installer Bug
10.3
Identity System Installation and Configuration
10.3.1
Installing Identity Servers on OAMHOST1 and OAMHOST2
10.3.1.1
Installing the First Identity Server on OAMHOST1
10.3.1.2
Installing the Second Identity Server on OAMHOST2
10.3.2
Installing Oracle HTTP Server on OAMADMINHOST
10.3.2.1
Installing Oracle HTTP Server
10.3.2.2
Validating the Installation of Oracle HTTP Server
10.3.3
Installing WebPass on OAMADMINHOST
10.3.3.1
Validating the WebPass Installation
10.3.4
Configuring Identity Servers Using WebPass
10.3.4.1
Configuring the First Identity Server
10.3.4.2
Configuring the Second Identity Server
10.4
Access System Installation and Configuration
10.4.1
Installing the Policy Manager on OAMADMINHOST
10.4.1.1
Configuring the Policy Manager
10.4.2
Installing the Access Server on OAMHOST1 and OAMHOST2
10.4.2.1
Creating an Access Server Instance
10.4.2.2
Starting the Access Server Installation
10.4.3
Installing WebGate on OAMADMINHOST, WEBHOST1, and WEBHOST2
10.4.3.1
About the Oracle Access Manager Configuration Tool
10.4.3.2
Collecting the Information for the OAM Configuration Tool
10.4.3.3
Running the OAM Configuration Tool
10.4.3.4
Updating the Host Identifier
10.4.3.5
Updating the WebGate Profile
10.4.3.6
Assigning an Access Server to the WebGate
10.4.3.7
Installing the WebGate
10.4.3.8
Configuring IP Validation for the WebGate
10.5
Backing Up the Oracle Access Manager Configuration
11
Extending the Domain with Oracle Access Manager 11g
11.1
Introduction to Installing Oracle Access Manager
11.1.1
Using Different LDAP Directory Stores
11.1.2
Using Oracle Virtual Directory as the Identity Store
11.2
Prerequisites
11.3
Configuring Oracle Access Manager on IDMHOST1
11.3.1
Extend Domain with Oracle Access Manager
11.3.2
Starting Oracle Access Manager Server on IDMHOST1
11.3.3
Remove IDM Domain Agent
11.3.4
Propagating the Domain Changes to the Managed Server Domain Directory
11.4
Configure Oracle Access Manager on IDMHOST2
11.4.1
Deploying Oracle Access Manager on IDMHOST2
11.4.2
Updating Node Manager Properties File on IDMHOST2
11.4.3
Starting Oracle Access Manager Server on IDMHOST2
11.5
Configuring Oracle Access Manager to work with the Oracle Web Tier
11.5.1
Prerequisites
11.5.2
Making Oracle Access Manager Server Aware of Load balancer
11.5.3
Configuring Oracle HTTP Servers to Display Login Page
11.5.4
Configuring Oracle HTTP Servers to Access Oracle Access Manager Console
11.5.5
Validating Accessibility
11.6
Changing Request Cache Type
11.7
Configuring Oracle Access Manager to use an External LDAP store
11.7.1
Creating Users and Groups in LDAP
11.7.2
Backing up Existing Configuration
11.7.3
Creating User Identity Store
11.7.4
Setting LDAP to Primary Authentication Store
11.7.5
Validating the Configuration
11.8
Creating Policy Groups
11.8.1
Creating Oracle Access Manager Policy Group
11.8.2
Creating Oracle Adaptive Access Manager Policy Group
11.9
Validating Oracle Access Manager
11.9.1
Creating a Test Resource
11.9.2
Creating a Resource
11.9.3
Assigning Resource to Policy Group
11.9.4
Adding Resource to Protected Resources
11.9.5
Validating Oracle Access Manager
11.10
Backing Up the Application Tier Configuration
12
Extending the Domain with Oracle Adaptive Access Manager
12.1
Prerequisites
12.1.1
Creating OAAM Administrative Groups and User in LDAP
12.2
Configuring Oracle Adaptive Access Manager on IDMHOST1
12.2.1
Extending Domain for Oracle Adaptive Access Manager
12.2.2
Starting Admin Server on IDMHOST1
12.2.3
Creating OAAM Administration User in WebLogic Console
12.2.4
Configuring Oracle Adaptive Access Manager on OAAMHOST1
12.3
Starting and Validating OAAMHOST1
12.3.1
Creating Node Manager Properties File on OAAMHOST1
12.3.2
Starting Oracle Adaptive Access Manager on OAAMHOST1
12.3.3
Validating OAAMHOST1
12.4
Configuring Oracle Adaptive Access Manager on OAAMHOST2
12.4.1
Deploying Domain on OAAMHOST2
12.4.2
Starting OAAMHOST2
12.4.2.1
Creating Node Manager Properties File on OAAMHOST2
12.4.2.2
Starting Oracle Adaptive Access Manager on OAAMHOST2
12.4.3
Validating OAAMHOST2
12.5
Configuring OAAM to Work with the Oracle HTTP Server
12.5.1
Updating Oracle HTTP Server configuration
12.5.2
Restarting Oracle HTTP Server
12.5.3
Changing Host Assertion in WebLogic
12.5.4
Validating Oracle Adaptive Access Manager
12.6
Loading Oracle Adaptive Access Manager Seed Data
12.6.1
Loading Default Policies into OAAM Repository
12.6.2
Updating Default Policies to Force Challenge Questions
12.6.3
Loading Knowledge-Based Authentication Questions into OAAM Repository
12.7
Oracle Adaptive Access Manager Integration
12.8
Backing Up the Application Tier Configuration
13
Extending the Domain with Oracle Identity Manager
13.1
Prerequisites
13.2
Extending the Domain to Configure OIM and Oracle SOA Suite on IDMHOST1
13.3
Configuring Oracle Identity Manager on IDMHOST1
13.3.1
Prerequisites for Configuring Oracle Identity Manager
13.3.1.1
Configuring Oracle Internet Directory using the LDAP Configuration Pre-Setup Script
13.3.1.2
Creating Adapters in Oracle Virtual Directory
13.3.2
Running the Oracle Identity Management Configuration Wizard
13.4
Propagating the OIM and SOA Managed Servers to OIMHOST1 and OIMHOST2
13.5
Post-Installation Steps on OIMHOST1 and OIMHOST2
13.5.1
Updating the Coherence Configuration for the SOA Managed Server
13.5.2
Starting the WLS_OIM1 and WLS_SOA1 Managed Servers on OIMHOST1
13.5.3
Validating Oracle Identity Manager Instance on OIMHOST1
13.6
Post-Installation Steps on OIMHOST2
13.6.1
Starting Node Manager on OIMHOST2
13.6.2
Starting the WLS_OIM2 and WLS_SOA2 Managed Servers on OIMHOST2
13.6.3
Validating Oracle Identity Manager Instance on OIMHOST2
13.7
Configuring Oracle Internet Directory using the LDAP Configuration Post-Setup Script
13.8
Configuring Oracle Identity Manager to Work with the Oracle Web Tier
13.8.1
Prerequisites
13.8.2
Configuring Oracle HTTP Servers to Front End the OIM & SOA Managed Servers.
13.8.3
Changing Host Assertion in WebLogic
13.8.4
Validating Oracle Identity Manager Instance from the WebTier
13.9
Configuring a Shared JMS Persistence Store
13.10
Configuring a Default Persistence Store for Transaction Recovery
13.11
Adding the CSF Entries for Oracle Identity Management and WSM
13.12
Backing Up the Application Tier Configuration
14
Extending the Domain with Authorization Policy Manager and Identity Navigator
14.1
Extending the Domain with Oracle Authorization Policy Manager
14.1.1
Base Authorization Policy Manager Platform
14.1.2
Prerequisites
14.1.3
Configuring Authorization Policy Manager on IDMHOST1
14.1.4
Stopping and Starting the Admin Server IDMHOST1
14.1.5
Authorization Policy Manager on IDMHOST2
14.1.6
Configure Oracle HTTP Servers to Access APM Console
14.1.6.1
Validating the Implementation
14.1.7
Configuring Authorization Policy Manager to Use an External LDAP Store
14.2
Extending the Domain with Oracle Identity Navigator
14.2.1
Prerequisites
14.2.2
Configure Oracle Identity Navigator on IDMHOST1
14.2.3
Stopping and Starting the Administration Server IDMHOST1
14.2.4
Provisioning Oracle Identity Navigator on IDMHOST1
14.2.5
Configuring Oracle HTTP Servers to Access OIN Console
14.2.6
Validating Oracle Identity Navigator
14.3
Backing Up the Application Tier Configuration
15
Extending the Domain with Oracle Identity Federation
15.1
Prerequisites
15.2
Configuring Oracle Identity Federation on OIFHOST1
15.3
Configuring Oracle Identity Federation on OIFHOST2
15.4
Post-Installation Steps for Oracle Identity Federation
15.4.1
Copying the OIF Configuration Directory from OIFHOST1 to OIFHOST2
15.4.2
Set the Listen Address for the Managed Servers
15.4.3
Starting the Managed Server on OIFHOST2
15.5
Provisioning the Managed Servers on the Local Disk
15.6
Enabling Oracle Identity Federation Integration with LDAP Servers
15.7
Configuring Oracle Identity Federation to work with the Oracle Web Tier
15.7.1
Prerequisites
15.7.2
Making OIF aware of the Load Balancer
15.7.3
Configuring Oracle HTTP Servers To Front End the OIF Managed Servers
15.8
Validating Oracle Identity Federation
15.9
Backing Up the Application Tier Configuration
16
Setting Up Node Manager
16.1
About Setting Up Node Manager
16.2
Changing the Location of the Node Manager Log
16.3
Enabling Host Name Verification Certificates for Node Manager
16.3.1
Generating Self-Signed Certificates Using the utils.CertGen Utility
16.3.2
Creating an Identity Keystore Using the utils.ImportPrivateKey Utility
16.3.3
Creating a Trust Keystore Using the Keytool Utility
16.3.4
Configuring Node Manager to Use the Custom Keystores
16.3.5
Configuring Managed WLS Servers to Use the Custom Keystores
16.3.6
Changing the Host Name Verification Setting for the Managed Servers
16.4
Starting Node Manager
17
Configuring Server Migration for Oracle Identity Manager
17.1
Setting Up a User and Tablespace for the Server Migration Leasing Table
17.2
Creating a Multi Data Source Using the Oracle WebLogic Administration Console
17.3
Editing Node Manager's Properties File
17.4
Setting Environment and Superuser Privileges for the wlsifconfig.sh Script
17.5
Configuring Server Migration Targets
17.6
Testing the Server Migration
18
Integrating Components
18.1
Migrating Policy and Credential Stores
18.1.1
JPS Root Creation
18.1.2
Reassociating the Policy and Credential Store
18.2
Installing and Configuring WebGate
18.2.1
Prerequisites
18.2.1.1
Making Special gcc Libraries Available
18.2.2
Creating WebGate Agents
18.2.2.1
Using the Remote Registration Utility
18.2.2.2
Using Oracle Access Manager Administration Console
18.2.2.3
Update Newly-Created Agent
18.2.3
Installing Oracle WebGate on WEBHOST1 and WEBHOST2
18.2.3.1
Oracle WebGate 10g
18.2.4
Validating WebGate
18.3
Integrating Oracle Access Manager 10
g
and Oracle Identity Manager
18.3.1
Prerequisites
18.3.1.1
Update the LDAP Schema Definitions
18.3.1.2
Creating an Oracle Identity Manager User with Administrator Privileges
18.3.1.3
Patching the Oracle Access Manager 10
g
Access Server
18.3.1.4
Patching the Oracle Access Manager 10g Webgates
18.3.1.5
Configure the WebLogic Domain for Single Sign On
18.3.2
Configuring OAM for OAM -OIM Integration
18.3.2.1
Creating Policies in Oracle Access Manager 10g
18.3.2.2
Configuring OAM 10g for Integration with OIM
18.3.3
Configuring OIM for OAM/OIM Integration
18.3.3.1
Configuring OAM 10g/OIM Authenticator
18.3.3.2
Seeding Access Gate Password in CSF
18.3.3.3
Enable WLS Plug-ins
18.3.3.4
Import the SSO Notfication Eventhandlers into the MDS Repository
18.3.3.5
Configuring OAM 10g/OIM Authenticator
18.3.4
Update Existing LDAP Users with Required Object Classes
18.3.4.1
Prerequisites
18.3.4.2
Using OIM Configuration Tool
18.4
Integrating Oracle Identity Manager and Oracle Access Manager 11g
18.4.1
Prerequisites
18.4.2
Updating Single Sign-on Provider Configuration
18.4.3
Configure Oracle Access Manager for Oracle Identity Manager Integration
18.4.4
Integrating OAM with OIM using the OIM Configuration Tool
18.4.4.1
Prerequisites
18.4.4.2
Using OIM Configuration Tool
18.4.5
Seeding the xelsysadm User in Oracle Internet Directory
18.4.6
Updating Oracle Identity Manager Configuration
18.4.7
Validating Integration
18.5
Integrating OAAM with OAM 11
g
18.5.1
Prerequisites
18.5.2
Configuring OAM Encryption Keys in CSF
18.5.3
Configuring OAM Policy Authentication Scheme
18.5.4
Setting OAAM properties for OAM
18.5.5
Validating OAAM/OIM Integration
18.5.5.1
Creating a Resource
18.5.5.2
Assigning Resource to Policy Group
18.5.5.3
Adding Resource to Protected Resources
18.5.5.4
Validating Oracle Access Manager
18.6
Integrating Oracle Adaptive Access Manager with Oracle Identity Manager
18.6.1
Prerequisites
18.6.2
Configuring OIM Encryption Keys in CSF
18.6.3
Setting OAAM properties for OIM
18.6.4
Setting OIM properties for OAAM
18.6.5
Changing Domain to OAAM Advanced Protection
18.6.6
Creating Logout Page
18.6.7
Restarting Oracle Adaptive Access Manager and Oracle Identity Manager
18.6.8
Validating OIM/OAAM Integration
18.7
Integrating Oracle Identity Federation with Oracle Access Manager 11
g
18.7.1
Configure Oracle Identity Federation Server
18.7.1.1
Generating and Configuring Identity Provider and Service Provider Modules
18.7.1.2
Configuring the Data Stores
18.7.1.3
Configuring the Authentication Engines
18.7.1.4
Configuring the OIF Server in Service Provider Mode
18.7.2
Configuring Oracle Access Manager Server
18.8
Auditing Identity Management
19
Managing Enterprise Deployments
19.1
Starting and Stopping Oracle Identity Management Components
19.1.1
Oracle Virtual Directory
19.1.2
Oracle Internet Directory
19.1.3
Oracle HTTP Server
19.1.4
Node Manager
19.1.5
WebLogic Administration Server
19.1.6
Oracle Identity Manager
19.1.7
Oracle Access Manager Managed Servers
19.1.8
Oracle Adaptive Access Manager Managed Servers
19.1.9
Oracle Identity Federation
19.1.10
Oracle Access Manager10
g
Identity Server
19.1.11
Oracle Access Manager10
g
Access Server
19.2
Monitoring Enterprise Deployments
19.2.1
Monitoring Oracle Internet Directory
19.2.1.1
Oracle Internet Directory Component Names Assigned by OIM Installer
19.2.2
Monitoring Oracle Virtual Directory
19.2.3
Monitoring Oracle Directory Integration Platform
19.2.4
Monitoring WebLogic Managed Servers
19.3
Scaling Enterprise Deployments
19.3.1
Scaling Up the Topology
19.3.1.1
Scaling Up the Directory Tier
19.3.1.1.1
Scaling Up Oracle Internet Directory
19.3.1.1.2
Scaling Up Oracle Virtual Directory
19.3.1.2
Scaling Up the Application Tier
19.3.1.2.1
Scaling Up Oracle Directory Integration Platform and ODSM
19.3.1.2.2
Scaling Up Oracle Access Manager 10
g
19.3.1.2.3
Scaling Up Oracle Access Manager 11g
19.3.1.2.4
Scaling Up Oracle Adaptive Access Manager
19.3.1.2.5
Scaling Up OIM (Adding Managed Servers to Existing Nodes)
19.3.1.3
Scaling Up the Web Tier
19.3.2
Scaling Out the Topology
19.3.2.1
Scaling Out the Directory Tier
19.3.2.1.1
Scaling Out Oracle Internet Directory
19.3.2.1.2
Scaling Out Oracle Virtual Directory
19.3.2.2
Scaling Out the Application Tier
19.3.2.2.1
Scaling Out Oracle Directory Integration Platform and ODSM
19.3.2.2.2
Scaling Out Oracle Access Manager 10
g
19.3.2.2.3
Scaling Out Oracle Access Manager 11g
19.3.2.2.4
Scaling Out Oracle Adaptive Access Manager
19.3.2.2.5
Scaling Out OIM (Adding Managed Servers to New Nodes)
19.3.2.3
Scaling Out the Web Tier
19.4
Performing Backups and Recoveries
19.5
Patching Enterprise Deployments
19.5.1
Patching an Oracle Fusion Middleware Source File
19.5.2
Patching Identity Management Components
19.6
Troubleshooting
19.6.1
Troubleshooting Oracle Internet Directory
19.6.2
Troubleshooting Oracle Virtual Directory
19.6.3
Troubleshooting Oracle Directory Integration Platform
19.6.4
Troubleshooting Oracle Directory Services Manager
19.6.5
Troubleshooting Oracle Access Manager
19.6.5.1
User is Redirected to the Login Screen After Activating Some Administration Console Changes
19.6.5.2
User is Redirected to the Administration Console's Home Page After Activating Some Changes
19.6.5.3
OAM Configuration Tool Does Not Remove Invalid URLs
19.7
Other Recommendations
19.7.1
Preventing Timeouts for SQL*Net Connections
20
Configuring Single Sign-on for Administration Consoles
20.1
Configuring SSO for Administration Consoles with OAM 10g
20.1.1
Prerequisites for Configuring Single Sign-On
20.1.1.1
Enable the Policy Protecting the Policy Manager
20.1.2
Updating the Form Authentication for Delegated Administration
20.1.3
Enable SSO protection for the Oracle Identity Navigator and APM Consoles
20.1.4
Validating the Policy Domain and AccessGate Configurations
20.1.4.1
Validating the Policy Domain Configuration
20.1.4.2
Validating the AccessGate Configuration
20.1.5
Setting Up the WebLogic Authenticators
20.1.5.1
Setting Up the Oracle Internet Directory Authenticator
20.1.5.2
Setting Up the Oracle Access Manager Identity Asserter
20.1.5.3
Reordering the Authentication Providers
20.1.5.4
Stopping and Starting the WebLogic Administration Servers and Managed Servers
20.1.6
Validating the Oracle Access Manager Single Sign-On Setup
20.2
Configuring SSO for Administration Consoles with OAM 11g
20.2.1
Prerequisites
20.2.2
Creating Oracle Virtual Directory Authenticator
20.2.3
Creating Oracle Access Manager Identity Asserter
20.3
Administrator Provisioning
20.3.1
Provisioning Admin Users and Groups in an LDAP Directory
20.3.2
Assigning the Admin Role to the Admin Group
20.3.3
Enabling OIM to Connect to SOA Using the Admin Users Provisioned in LDAP
20.3.4
Updating the boot.properties File on IDMHOST1 and IDMHOST2
Index
Scripting on this page enhances content navigation, but does not change the content in any way.