9.3 Configuring Oracle IRM

You can use the Oracle IRM pages on the Control Console to make general configuration settings for Oracle IRM:

  • Set the cryptography algorithms and strengths to use for sealed content.

  • Set the URL of the server that sealed content must contact.

  • Set the URL of a privacy statement that users must accept before viewing sealed content.

  • Set a restriction on the number of devices that a sealed document can be used on simultaneously by one user.

  • Set the keystore type and location if you need to use alternatives to the ones shown.

  • Set an alternative target for the status page called by Oracle IRM Desktop when a sealed document cannot be opened (requires that alternative destination web pages already exist).

  • Set how frequently Oracle IRM Desktop will attempt to contact Oracle IRM Server to synchronize rights.

  • Set options for the age of retained report records and the frequency of their deletion.

  • Set options for context refresh periods that are available when creating or editing roles on the Oracle IRM Server Management Console.

  • Set up test content that will be accessible when users successfully connect to Oracle IRM Server.

  • Determine which languages will be available on the Oracle IRM Server Management Console for the entering of labels (names and descriptions).

  • Set up multiple downloads of the Oracle IRM Desktop installation software to cover different combinations of language and product version.

To configure Oracle IRM:

  1. In the browser panel, find and select IRM.

  2. In the toolbar, select the IRM menu, select Administration, then select General Settings.

  3. Make changes to the settings as required, taking note of the following:

    • Sealed Content Cryptography. Use AES128 unless you have a known reason to use one of the others. For details of all the options, see the online help for the Control Console (select the question mark icon).

    • Server URL. You will need to specify the URL of the server that sealed documents will contact for rights (for example, the right to open a document). If you are using Oracle Access Manager (OAM), this URL should point to the OAM server rather than directly to the rights server. The URL that you enter here cannot be changed after a document has been sealed. If you subsequently change the URL, no one will be able to access the document.

    • Device Count. It is common to specify a device count of 1, meaning that a user can use a sealed document on only one computer at a time. In this case, if the user wishes to use a sealed document on a second computer, he must manually check in his rights on the first computer before moving to the second. This feature is intended to make it difficult for users to circumvent document protection by sharing passwords. However, users may have a legitimate reason to require access to a document from more than one device at a time, in which case this setting can be given a higher value.

    • License Clean-up. Increasing the license clean-up frequency will free database storage space. This setting applies to expired licenses and does not affect licenses that are in use.

    • Keystore Settings. The keystore settings must be changed from the default values as part of post-installation configuration. After this, the settings will not normally need to be changed again.

    • Status Page Redirection. You will need to use these settings only if you have set up an alternative HTML page that you want users to see after an unsuccessful attempt to open a sealed document.

    • Desktop Synchronization. This setting determines which options are available on the Oracle IRM Server Management Console. The default set of days and times will allow contact with the server between 09:00 hours and 17:30 hours, Monday to Friday. You can add further options to cover the remaining days of the week, or to provide additional time periods on any day of the week.

    • Context Refresh Periods. This setting determines which options are available on the Oracle IRM Server Management Console when roles are being created or edited. The default set of values and units will provide a choice of popular refresh periods. To make other refresh periods available, you can change the current values and units, or you can use the Add icon to add further lines to the list.

  4. To save the changes, click the Apply button in the top right corner of the page.