1/16
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introduction
1.1
Latest Release Information
1.2
Purpose of this Document
1.3
System Requirements and Specifications
1.4
Certification Information
1.4.1
Where to Find Oracle Fusion Middleware Certification Information
1.4.2
Certification Exceptions
1.4.2.1
Certification Information for Oracle Fusion Middleware 11g R1 with Oracle Database 11.2.0.1
1.4.2.2
Excel Export Issue on Windows Vista Client
1.4.2.3
Oracle Forms and Oracle Reports 11
g
Installer Issues In Windows Vista and Windows XP
1.4.2.4
Restrictions on Specific Browsers
1.4.3
Upgrading Sun JDK From 1.6.0_07 to 1.6.0_11
1.4.4
JMSDELIVERYCOUNT Is Not Set Properly
1.4.5
Viewer Plugin Required On Safari 4 To View Raw XML Source
1.5
Downloading and Applying Required Patches
1.6
Licensing Information
2
Installation and Configuration Issues
2.1
General Issues and Workarounds
2.1.1
Error when Installing OIM Design Console
2.1.2
Launching Oracle Identity Manager Configuration Wizard on AIX with JDK7
2.1.3
Simple Security Mode Does Not Work on AIX
2.1.4
Unable to Add Weblogic Password in the Fusion Middleware Configuration Wizard
2.1.5
JPS Keystore Service Initialization Failure in Join Domain Scenario for Oracle Access Management Domain
2.2
Configuration Issues and Workarounds
2.2.1
Apply Patches and Manually Copy OIM Adapter Template
2.2.2
Default Cache Directory Error
2.2.3
Mandatory Steps to Complete After Installing Oracle Access Management or Oracle Identity Manager
2.2.4
Use Absolute Paths While Running configureSecurityStore.py With -m Join
2.2.5
Warning Messages from idmConfigTool -upgradeLDAPUsersForSSO are Safe to Ignore
2.3
Mandatory Patches for Installing Oracle Identity Manager
3
Upgrade and Migration Issues for Oracle Identity and Access Management
3.1
Upgrade Issues
3.1.1
General Issues and Workarounds
3.1.1.1
OIM-OAM-OAAM: 11.1.1.5.0 to 11.1.2: Error Reset Password in First Login
3.1.1.2
Save Column with Multiple/Null Values to be Manually Updated for LookupByQuery
3.1.1.3
Entitlements Assigned in OIM 11.1.1.5.0 Are Not Shown in the Entitlement Tab After Upgrade
3.1.1.4
OIM-OAM: Upgrade to OAM 11.1.1.5.2 or Later Mandatory Before Upgrade to OIM 11.1.2
3.1.1.5
Lookup Values Do Not Get Saved in the My Information Page
3.1.1.6
Bulk User Modify Does Not Work After Upgrade
3.1.1.7
Upgrading Oracle Access Manager 11
g
R1 (11.1.1.5.0) to Oracle Access Management Access Manager 11
g
R2 (11.1.2) on AIX Platform Fails
3.1.1.8
Update setdomainenv Before Starting the Oracle Access Management Access Manager Servers
3.1.1.9
Authorization Policies Containing No Resources Are Not Extracted
3.1.1.10
T2P Failure in an Upgraded Environment
3.1.1.11
OIM Upgrade: Access Policy Based Provisioning of EBS Resource Does Not Work
3.1.1.12
TCORGANIZATIONNOTFOUNDEXCEPTION Error While Creating New Organizations
3.1.1.13
Forgot User Login Flow Shows System Error
3.1.1.14
OIM Middle Tier Upgrade Patch Domain Report Shows Error for Foreign JNDI Provide Creation
3.1.1.15
Matching Rule is Lost During the OIM 11.1.1.5.0 Upgrade
3.2
Migration Issues
3.2.1
General Issues and Workarounds
3.2.1.1
osso.conf Files may be Copied to Alternate File Location If Upgrading Oracle Single Sign-On 10g Fails
3.2.1.2
Server Logs and Assessment Report for Certain Scenarios Show Only English Messages
3.2.1.3
Migration of J2EE Agent 2.2 is not Supported
3.2.1.4
Oracle Access Management 11g Release 2 (11.1.2.0.0) Coexistence, Upgrade, and Migration Supplement
4
Oracle Identity Management Administration
4.1
General Issues and Workarounds
4.1.1
Clarification About Path for OPMN
4.1.2
Fusion Middleware Control May Return Error in Mixed IPv6 and IPv4 Environment
4.1.3
Limitations in Moving from Test to Production
4.2
Configuration Issues and Workarounds
4.2.1
Configuring Fusion Middleware Control for Windows Native Authentication
4.3
Documentation Errata
5
Oracle Access Management
5.1
General Issues and Workarounds
5.1.1
General Issues and Workarounds: Access Manager
5.1.1.1
Exception Regarding WebGate Profiles Is Expected
5.1.1.2
Unable to Access "/" Context Root if Protected by OSSO Agent for 11g OHS
5.1.1.3
Access Manager Server Start Causes Exception Error
5.1.1.4
Starting Access Manager When Protected by Oracle Entitlements Server Throws Exception
5.1.1.5
Access Tester Does Not Work with Non-ASCII Agent Names
5.1.1.6
Authentication Fails: WNA Challenge, Active Directory, Users with Non-ASCII Characters
5.1.1.7
Simple Mode is Not Supported for JDK 1.6 and AIX
5.1.1.8
User Might Need to Supply Credentials Twice with DCC-Enabled Webgate
5.1.2
General Issues and Workarounds: Security Token Service
5.1.2.1
Issues with Searches and Non-English Browser Settings
5.1.3
General Issues and Workarounds: Identity Federation
5.1.3.1
Federation Metadata is not Accessible after Upgrade
5.1.3.2
Federation Redirect URLs May be Overwritten in Concurrency Mode
5.1.3.3
Errors when Webgate has Credential Collector Option Enabled
5.2
Configuration Issues and Workarounds
5.2.1
Configuration Issues and Workarounds: Access Manager
5.2.1.1
Enabling OpenSSO Agent Configuration Hotswap
5.2.2
Configuration Issues and Workarounds: Security Token Service
5.2.2.1
Create Like (Duplicate) Does Not Copy All Properties of Original Template
5.2.2.2
Incorrect Value in the Kerberos Validation Template
5.2.2.3
No Console Support Removing Partner Encryption or Signing Certificates
5.2.2.4
Resource URLs Removed During Create Like (Duplicate) Operation
5.2.2.5
Error Sending USERNAME TOKEN with NONCE
5.2.3
Configuration Issues and Workarounds: Identity Federation
5.2.3.1
Provider Search Text Fields do an Exact Match Search
5.2.3.2
Incorrect Error Message when an Invalid Signing Certificate is Uploaded
5.2.3.3
Data is Cached in the Keystore Templates Table upon Validation Error
5.2.3.4
Cannot Specify Multiple Non-Proxy Hosts for Identity Federation
5.2.3.5
Invalid IdP is Created if Incorrect Metadata Imported
5.2.3.6
WLST Commands for OpenID IdP Partner
5.2.3.7
No Console Support for Federation OpenID IdP Partner
5.2.3.8
SSO Error when federationscheme for a Partner Protects a Resource
5.2.4
Configuration Issues and Workarounds: Mobile and Social
5.2.4.1
Once Set, Jail Breaking "Max OS Version" Setting Cannot be Empty
5.2.4.2
Additional Configuration Required After Running Test-to-Production Scripts
5.3
Oracle Access Management Console Issues
5.3.1
Messages Sent From the Server to the Client Can Appear in a Foreign Language
5.4
Documentation Errata
5.4.1
Oracle Fusion Middleware Administrator's Guide for Oracle Access Management
5.4.2
Oracle Fusion Middleware Developer's Guide for Oracle Access Management
6
Oracle Adaptive Access Manager
6.1
General Issues and Workarounds
6.1.1
"Last Used On" Column Does Not Sort in Fingerprint Details Page
6.1.2
ADF Exceptions When Incorrect Password Entered for OAAM Admin
6.1.3
Session Alert Message is Hard-Coded and Not Translated
6.2
Scheduler Issues and Workarounds
6.2.1
Altering the Schedule Parameters Does Not Affect Next Recurrence
6.2.2
Pause and Cancel Job Status Does Not Appear in Job Instance Tab
6.3
Audit and Reporting Issues and Workarounds
6.3.1
Commit Snapshot Diff Event Detail Truncated
6.3.2
BI Publish 11
g
Search Transaction Report Issues
6.4
Configuration Issues and Workarounds
6.4.1
Linked Entities and the Order of Configuration
6.4.2
SP2-0606 Error Generated for Loading OAAM Partition Schemas
6.4.3
Input for Create_Purge_Proc.SQL
6.4.4
OAAM Command Line Scripts May Fail
6.4.5
Setting Up the CLI Environment
6.4.6
Use Absolute Paths While Running configureSecurityStore.py With -m Join
7
Oracle Entitlements Server
7.1
General Issues and Workarounds
7.1.1
Tomcat Security Module Fails To Load Custom Attribute Retriever Class
7.1.2
Duplicate Entries of Resource Objects
7.1.3
Finding Default Oracle Entitlements Server Security Module Certificates
7.1.4
Entitlements Server Does Not Recover Connection To Database
7.1.5
Policy Simulator Does Not Open Policies Correctly
7.1.6
Starting Oracle Access Manager When Protected by Entitlements Server Throws Exception
7.1.7
Updating the Opatch Tool
7.2
Configuration Issues and Workarounds
7.2.1
Config Security Store Fails To Create Policy Store Object
7.2.2
Use Absolute Paths While Running configureSecurityStore.py With -m Join
7.2.3
Wrong Type Defined For PIP Service Provider After Adding PIP Attribute
7.3
Documentation Errata
8
Oracle Fusion Middleware High Availability and Enterprise Deployment
8.1
General Issues and Workarounds
8.1.1
Exception When Running LDAPConfigPostSetup.sh
8.1.2
JRockit Install Fails on Some Linux Versions
9
Oracle Privileged Account Manager
9.1
General Issues and Workarounds
9.1.1
Some of the Target Page Strings Will Not be Translated
9.1.2
No Translation (Messages or Help) Support for OPAM Command Line Tools
9.1.3
Create Target in OPAM Does Not Work When Browser Locale=German
9.1.4
OPAM Console Cannot Find Users from Identity Store Configured in WebLogic
9.2
Configuration Issues and Workarounds
9.2.1
Use Absolute Paths While Running configureSecurityStore.py With -m Join
9.3
Documentation Errata
9.3.1
Clarify Locating the Oracle Privileged Account Manager Connector Bundles
9.3.2
Update to opam-config.xml File Location
9.3.3
Update to opam-config.xsd Information
9.3.4
Unsupported Database Target Types Noted in Oracle Privileged Account Manager Admin Guide
10
Oracle Identity Navigator
10.1
General Issues and Workarounds
10.1.1
Incorrect Release Number for oinav Displays in WebLogic Server Administration Console
11
Oracle Identity Governance Framework
12
Oracle Identity Manager
12.1
Patch Requirements
12.1.1
Obtaining Patches From My Oracle Support (Formerly OracleMetaLink)
12.1.2
Patch Requirements for Oracle Database 11g (11.1.0.7)
12.1.3
Patch Requirements for Oracle Database 11g (11.2.0.2.0)
12.1.4
Patch Requirements for Oracle Database 10
g
(10.2.0.3 and 10.2.0.4)
12.1.5
Patch Upgrade Requirement
12.1.6
Patch Requirement for SOA Email Notification
12.1.7
Patch Requirement for BI Publisher 11.1.1.6.0
12.2
General Issues and Workarounds
12.2.1
Auto-Logged In User is Logged Out After the Cookie Expiry Interval of 120 Seconds
12.2.2
Localized Display Name Not Reconciled in Oracle Identity Manager Via User/Role Incremental Reconciliation
12.2.3
Organizations Not Created Because of AD Organization Reconciliation Run
12.2.4
The SodCheckViolation Field of the Process Form is Not Updated for Request Provisioning
12.2.5
Blank Page Displayed for Approval Details
12.2.6
Modification of Disabled Account and Requesting Entitlement for the Account is Allowed
12.2.7
The Refresh Button is Truncated in Some Pages of the Oracle Identity Self Service
12.2.8
Provisioning of Application Instance with AD User Resource Object Does not Work
12.2.9
Some Attestation Pages Do Not Work in Mozilla Firefox and Google Chrome
12.2.10
Error Generated if a User is Created When the Corresponding LDAP Container Does Not Exist
12.2.11
Custom Scheduled Jobs Fail Because of Dependency on Legacy APIs
12.2.12
Catalog Tag Cannot Store More Than 256 Characters
12.2.13
Self Registration Request Fails After Request Approval
12.2.14
Soft-Deleted Entitlement is Provisioned by Access Policy-Based Provisioning
12.2.15
Interrupted Scheduled Job Run Fails on Restarting
12.2.16
Bulk Request for Multiple Entities Fails After Approval
12.2.17
Heterogeneous Request for Entitlements Without Primary Account Can Be Submitted
12.2.18
Import of Disconnected Application Instance Fails
12.2.19
Existing Data for Administrators Role Grant Does Not Sync After Applying Patch 14591093
12.2.20
The Reset Button in the Resource Object Lookup Redirects to Basic Search
12.2.21
IT Resource Definition Not Displayed in Dependency List
12.2.22
Error in Entitlement Provisioning for Manually Created Resource Object
12.2.23
Values in Dependent Combo Box Not Displayed On Selecting Value in Parent Combo Box
12.2.24
QBE Returns No Result When User Has No Permission on Organization of the Requester
12.2.25
Checkbox UDF Displayed as Boolean Field
12.2.26
Lookup for Entitlements Must Be Searchable and Searchable Lookup
12.2.27
Dependent Lookup Does Not Work With Pick List Component
12.2.28
Refresh Button in the Entitlements Tab Does Not Work
12.2.29
No Actions for Create To-Do Task and Create Subtask Menu Items
12.2.30
Cascading Lookups Display Limited Number of Values
12.2.31
Catalog Search With Special Characters Fail
12.2.32
Lookup Search Does Not Support Asterisk Wildcard Character
12.2.33
Errors Not Displayed in Form Designer
12.2.34
UDF for Provisioned Users Not Displayed in the UI
12.2.35
User Creation Fails if Default Password Policy is Removed
12.2.36
Exception Displayed Intermittently
12.2.37
Application Instance Not Activated or Published
12.2.38
Benign unknownplatformexception Error
12.2.39
Error in Searching for Data Components
12.2.40
Retry Provisioning Task Fails
12.2.41
Multiple Entries Displayed for the Same Provisioning Task
12.2.42
Length of Attribute Value Changes on Updating the Form Field
12.2.43
Initiated Tasks and Administrative Tasks in the Pending Approvals Page Not Used
12.2.44
Input Data Lost in Request Catalog
12.2.45
Error on Publishing Sandbox
12.2.46
Import/Export of Organization and Role Without UDFs
12.2.47
Possible Suboptimal SQL in Target Resource Reconciliation Run
12.2.48
Multiple Child Tables Cannot Be Used in Requests
12.2.49
Rule Creation For More Than 10000 Users Fail
12.2.50
Some Special Characters Do Not Work Directly in Catalog Search
12.2.51
Session Failover Issues
12.2.52
Error in Adding Data for Process Instance to Child Form
12.2.53
Last Entitlement Not Removed
12.2.54
Manual Fulfillment Task Not Initiated for Entitlement Provisioning
12.2.55
Form Fields Displayed For Disable/Enable/Revoke Manual Provisioning Task
12.2.56
Duplicate Rows in Request Tracking
12.2.57
Help Desk and Beneficiaries Cannot View Approval Status
12.2.58
Help Desk Cannot Use Request Tracking
12.2.59
Approver Cannot Approve Request From Request Details Page
12.2.60
Use Request Details to Approve Requests That Do Not Require Mandatory Information
12.2.61
Justification Not Persisted
12.2.62
The Refresh Button in Some Pages Do Not Work Properly
12.2.63
Benign Error Messages
12.2.64
Accessibility Compliance
12.2.65
Password Policy Not Enforced
12.2.66
Request Summary Report Does Not Work
12.2.67
Form Designer Failure Not Displayed
12.2.68
Request for Application Instance Fails If Related Sandbox is Not Published
12.2.69
Application Instance Administrator Cannot Create Forms
12.2.70
Delete Reconciliation Does Not Work With libOVD and ODSEE
12.2.71
AD Groups Associated to the Account Not Reconciled
12.2.72
Unpublished Entitlements Provisioned Via Access Policy
12.2.73
Organization UDF Not Supported
12.2.74
Lookup Values Not Saved on the My Information Page
12.2.75
Apply and Revert Buttons Remain Disabled After Changing UDF value
12.2.76
Benign Error for Missing Matching Rule Data
12.2.77
User Type Attribute Value Not Populated
12.2.78
Approval Page Customization Not Supported
12.2.79
Enable, Sequence, and Description for Lookup Values Not Supported
12.2.80
Cannot Add Radio Button
12.2.81
Indirect Role Membership Error
12.2.82
Created UDFs Not Listed in Customization View
12.2.83
Attributes Cannot Be Marked Required Using Form Designer
12.2.84
Cascading LOV Not Working
12.2.85
Number Type Lookup Code Not Supported
12.2.86
Customizing the Self Registration Page Does Not Work
12.2.87
Some Help Links Do Not Work
12.2.88
Unpublished Entities Provisioned Via Access Policies
12.2.89
Pending Approvals Page Customization Causes Browser to Hang
12.3
Configuration Issues and Workarounds
12.3.1
Deep Linking of Identity URL in SOA Email Notification Does Not Work
12.3.2
Benign Connection Error From OIA For SoD Chek
12.3.3
Use Absolute Paths While Running configureSecurityStore.py With -m Join
12.3.4
Oracle Identity Manager Fails to Find orclPwdExpirationDate
12.4
Multi-Language Support Issues and Limitations
12.4.1
UI Components are Displayed in English on non-English Web Browsers
12.4.2
Date Format in Search Criteria Displayed in MM/dd/yyyy hh:mm:ss Format on non-English Locale
12.4.3
BI Publisher 11g Reports Displayed in English Although Translation Files Are Available
12.4.4
Date Format in BI Publisher Report Not Displayed Per Report Locale Setting
12.4.5
Translated Values Not Displayed for User Type and Locale
12.4.6
Catalog Search With Special Non-ASCII Characters Do Not Work Correctly
12.4.7
Polish Translation of BI Publisher Files Do Not Work
12.4.8
Localized String for Cart is Truncated in the Catalog Search Results Page
12.4.9
Request Type and Status Search Options Displayed in Server Locale
12.4.10
Values Not Displayed Per Browser Language Setting
12.4.11
Challenge Questions and Password Policy Messages Displayed in Server Locale
12.4.12
Values for Organization Type and Status Displayed in English
12.4.13
MLS and MR Support Not Available
12.4.14
Request Status and Request Type Displayed in English
12.5
Documentation Errata
13
IdM Integration
13.1
Configuration and Integration Issues and Workarounds
13.1.1
setupOAMTapIntegration.sh Fails to Run on OEL6
13.1.2
Authentication Results in Two User Sessions
13.1.3
Setting Up the CLI Environment in Access Manager-OAAM and Access Manager-OAAM-OIM Integrations
13.1.4
generateOTP() API Has Been Deprecated
13.2
Documentation Errata
13.2.1
Additional Properties for preConfigIDStore and prepareIDStore
13.2.2
Login through /oaam_server No Longer Works After OAAM and Access Manager TAPScheme Integration
13.2.3
Incorrect Setting for bharosa.uio.proxy.mode.flag Causes OAAM and Access Manager 11g Integration to Fail
13.2.4
IDContext Claims in the Access Manager-OAAM TAP Integration
13.2.5
OAAM Password Length Limited to 25 Characters
Scripting on this page enhances content navigation, but does not change the content in any way.