1/17
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Understanding Oracle Identity and Access Management
1
Introduction to Oracle Identity and Access Management Migration and Coexistence
1.1
Oracle Identity and Access Management Overview
1.2
Migration and Coexistence Scenarios
1.3
Upgrade Scenarios
1.4
Supported Starting Points for Migration and Coexistence
1.4.1
Supported Starting Points for Oracle Access Manager 10
g
Migration
1.4.2
Supported Starting Points for Oracle Adaptive Access Manager 10
g
Migration
1.4.3
Supported Starting Points for Oracle Single Sign-On 10
g
Migration
1.4.4
Supported Starting Points for Sun OpenSSO Enterprise Migration
1.4.5
Supported Starting Points for Sun Java System Access Manager Migration
1.4.6
Supported Starting Points for Oracle Identity Analytics Migration
1.4.7
Supported Starting Points for Coexistence of Oracle Access Manager 10
g
With Oracle Access Management Access Manager 11.1.2.2.0
1.4.8
Supported Starting Points for Coexistence of Sun OpenSSO Enterprise With Oracle Access Management Access Manager 11.1.2.2.0
1.4.9
Supported Starting Points for Coexistence of Sun Java System Access Manager With Oracle Access Management Access Manager 11.1.2.2.0
1.5
Documentation Roadmap
Part II Migrating to Oracle Identity and Access Management 11
g
Release 2 (11.1.2.2.0)
2
Migrating Oracle Access Manager 10
g
Environments
2.1
Migration Overview
2.1.1
Modes of Migration
2.1.1.1
Complete Migration
2.1.1.2
Incremental Migration
2.1.1.3
Delta Migration
2.1.2
Migration Summary
2.2
Topology Comparison
2.3
Migration Roadmap
2.4
Prerequisites for Migration
2.5
Installing Oracle Identity and Access Management 11.1.2.2.0
2.6
Configuring Oracle Access Management Access Manager 11.1.2.2.0
2.7
Configuring Transport Security Mode for Access Manager 11.1.2.2.0 Server
2.7.1
Deciding the Security Mode of Access Manager 11.1.2.2.0 Server
2.7.2
Configuring Cert Mode Communication for Access Manager 11.1.2.2.0 Server
2.7.3
Configuring Simple Mode Communication for Access Manager 11.1.2.2.0 Server
2.8
Starting Administration Server and Access Manager 11.1.2.2.0 Managed Server(s)
2.9
Creating the Properties File
2.10
Generating the Assessment Report
2.11
Restarting the Administration Server
2.12
Additional Steps for Incremental Migration
2.13
Migrating the Artifacts of Oracle Access Manager 10
g
to Access Manager 11.1.2.2.0
2.14
Configuring Centralized Logout for 10
g
WebGates with Access Manager 11.1.2.2.0
2.15
Associating the WebGates with Access Manager 11.1.2.2.0 Server
2.16
Verifying the Migration
2.17
Troubleshooting
2.17.1
Increasing the Size of the Log File to Avoid the Loss of Migration Data
2.17.2
Increasing the Heap Size of the WebLogic Server
2.17.3
LDAP Paging Feature of Oracle Access Manager Migration May Not Work
3
Migrating Oracle Adaptive Access Manager 10
g
Environments
3.1
Migration Overview
3.2
Topology Comparison
3.3
Migration Roadmap
3.4
Prerequisites for Migration
3.5
Installing Oracle Identity and Access Management 11.1.2.2.0
3.6
Creating Oracle Platform Security Services Schema
3.7
Upgrading OAAM 10
g
Schema
3.8
Configuring OAAM 11.1.2.2.0 in a New or Existing Oracle WebLogic Domain
3.9
Configuring Database Security Store
3.10
Configuring Node Manager
3.11
Starting WebLogic Administration Server
3.12
Stopping OAAM Managed Servers
3.13
Upgrading OAAM Middle Tier Using Upgrade Assistant
3.14
Starting OAAM Managed Servers
3.15
Verifying the Migration
4
Migrating Oracle Single Sign-On 10
g
Environments
4.1
Migration Overview
4.2
Migration Summary
4.3
Topology Comparison
4.4
Migration Scenarios
4.4.1
Oracle Delegated Administration Services Required After Migrating Oracle Single Sign-On 10
g
to Access Manager 11.1.2.2.0
4.4.2
Oracle Delegated Administration Services Required, but Oracle Single Sign-On Admin Not Required After Migrating Oracle Single Sign-On to Access Manager 11.1.2.2.0
4.4.3
Oracle Delegated Administration Services Not Required After Migrating Oracle Single Sign-On to Access Manager 11.1.2.2.0
4.5
Migration Roadmap
4.6
Prerequisites for Migration
4.7
Understanding the Access Manager 11.1.2.2.0 Topology
4.8
Optional: Upgrading the Oracle Database
4.9
Creating Schemas Using Repository Creation Utility
4.10
Installing and Configuring the Access Manager 11.1.2.2.0 Middle Tier
4.10.1
Installing and Configuring Access Manager 11.1.2.2.0 Using Oracle Single Sign-On 10
g
Host Name and Port Number
4.10.2
Installing and Configuring Access Manager 11.1.2.2.0 Using New Host Name or New Port Number
4.11
Upgrading Access Manager 11.1.2.2.0 Middle Tier Using Upgrade Assistant
4.12
Performing Post-Migration Tasks
4.12.1
Configuring Oracle Portal 10
g
with Access Manager 11.1.2.2.0 Server if the Oracle HTTP Server Port is Changed
4.12.2
Configuring Oracle Access Management 11.1.2.2.0 Administration Console to Align Roles
4.12.3
Copying the osso.conf File
4.12.4
Configuring Oracle Business Intelligence Discoverer 11
g
with Access Manager 11.1.2.2.0
4.12.5
Setting the Headers in the Authentication Policy for the Protected DAS Resources
4.12.6
Setting the Default Authentication Scheme
4.12.7
Setting the Migrated Identity Store as Default Store and System Store for Access Manager 11.1.2.2.0
4.12.8
Additional Step for Oracle Internet Directory Configured in SSL Server Authentication Mode
4.12.9
Additional Access Manager Post-Migration Tasks
4.12.10
Decommissioning Oracle Single Sign-On 10
g
4.13
Verifying the Migration
5
Migrating Sun OpenSSO Enterprise 8.0 Environments
5.1
Migration Overview
5.2
Modes of Migration
5.2.1
Complete Migration
5.2.2
Incremental Migration
5.2.3
Delta Migration
5.3
Migration Summary
5.3.1
Summary of Migration of Agents
5.3.2
Summary of Migration of Policies
5.3.3
Summary of Migration of User Stores
5.3.4
Summary of Migration of Authentication Stores
5.4
Topology Comparison
5.5
Migration Roadmap
5.6
Prerequisites for Migration
5.7
Installing Oracle Identity and Access Management 11.1.2.2.0
5.8
Configuring Oracle Access Management Access Manager 11.1.2.2.0
5.9
Generating the Assessment Report
5.9.1
Obtaining the Assessment Tool
5.9.2
Specifying LDAP Connection Details
5.9.3
Running the OpenSSO Agent Assessment Tool
5.9.4
Analyzing the Assessment Report
5.10
Starting the WebLogic Administration Server
5.11
Additional Steps for Incremental Migration
5.12
Creating the Properties File
5.13
Migrating the Artifacts of OpenSSO Enterprise 8.0 to Access Manager 11.1.2.2.0
5.14
Performing Post-Migration Tasks
5.15
Verifying the Migration
6
Migrating Sun Java System Access Manager 7.1 Environments
6.1
Migration Overview
6.2
Modes of Migration
6.2.1
Complete Migration
6.2.2
Incremental Migration
6.2.3
Delta Migration
6.3
Migration Summary
6.3.1
Summary of Migration of Agents
6.3.2
Summary of Migration of Policies
6.3.3
Summary of Migration of User Stores
6.3.4
Summary of Migration of Authentication Stores
6.4
Topology Comparison
6.5
Migration Roadmap
6.6
Prerequisites for Migration
6.7
Installing Oracle Identity and Access Management 11.1.2.2.0
6.8
Configuring Oracle Access Manager 11.1.2.2.0
6.9
Generating the Assessment Report
6.9.1
Obtaining the Tool
6.9.2
Specifying LDAP Connection Details
6.9.3
Updating the Agent Profile of 2.2 Agents
6.9.4
Running the OpenSSO Agent Assessment Tool
6.9.5
Analyzing the Assessment Report
6.10
Starting the WebLogic Administration Server
6.11
Additional Steps for Incremental Migration
6.12
Creating the Properties File
6.13
Migrating the Artifacts of Sun Java System Access Manager 7.1 to OAM 11.1.2.2.0
6.14
Performing Post-Migration Tasks
6.15
Verifying the Migration
7
Migrating Completed Certifications From Oracle Identity Analytics to Oracle Identity Manager
7.1
Migration Overview
7.2
Migration Roadmap
7.3
Prerequisites for Migration
7.4
Obtaining Migration Tool
7.5
Copying jar Files from Oracle Identity Analytics Installation
7.6
Specifying Database Connection Details
7.7
Migrating Closed Certifications
7.8
Verifying the Migration
Part III Coexistence Scenarios
8
Coexistence of Oracle Access Manager 10
g
with Oracle Access Management Access Manager 11.1.2.2.0
8.1
Coexistence Overview
8.2
Coexistence Features
8.2.1
About Credential Collection
8.3
Coexistence Topology
8.3.1
Accessing resource protected by 10
g
WebGate and Oracle Access Manager 10
g
and then accessing resource protected by 10
g
WebGate and Access Manager 11
g
8.3.2
Accessing resource protected by 11
g
WebGate and Access Manager 11
g
and then accessing resource protected by 10
g
WebGate and Oracle Access Manager 10
g
8.3.3
Accessing resource protected by 10
g
WebGate and Access Manager 10
g
and then accessing resource protected by 11
g
WebGate and Access Manager 11
g
8.3.4
Accessing resource protected by 10
g
WebGate and Access Manager 11
g
and then accessing resource protected by 11
g
WebGate and Access Manager 11
g
8.4
Task Roadmap
8.5
Prerequisites for Coexistence
8.5.1
Configuring User Identity Store in Access Manager 11.1.2.2.0
8.6
Optional: Installing and Configuring Oracle HTTP Server 11
g
(OHS-1)
8.7
Optional: Installing and Configuring WebGate 11
g
-1
8.8
Optional: Installing and Configuring 10
g
WebGates
8.9
Enabling Coexistence Mode on Access Manager 11.1.2.2.0 Server
8.10
Configuring Logout Settings
8.11
Verifying the Configuration
8.12
Disabling Coexistence Feature
8.13
Known Issue
9
Coexistence of Sun OpenSSO Enterprise 8.0 with Oracle Access Management Access Manager 11.1.2.2.0
9.1
Coexistence Overview
9.2
Coexistence Topology
9.3
Task Roadmap
9.4
Prerequisites for Coexistence
9.5
Protecting the End-Point URL of Access Manager 11.1.2.2.0 Server Using Agent-2
9.5.1
Creating Agent-2 Profile for Access Manager 11.1.2.2.0 on OpenSSO Enterprise 8.0 Server
9.5.2
Installing Agent-2 (Policy Agent 3.0)
9.5.3
Updating Web Applications to Include Agent Filter Configurations
9.5.4
Creating Authentication Policy on OpenSSO Enterprise 8.0 Server for Access Manager 11.1.2.2.0
9.6
Configuring Data Source for Access Manager 11.1.2.2.0
9.7
Updating LDAPNoPasswordAuthModule in Access Manager 11.1.2.2.0
9.8
Creating the Profile of Agent-1 in Access Manager 11.1.2.2.0
9.9
Creating an Authentication Policy in Access Manager 11.1.2.2.0 to Protect Resource-1
9.10
Modifying the OpenSSO Cookie Name in Access Manager 11.1.2.2.0
9.11
Updating the Profile of Agent-2 in OpenSSO Enterprise 8.0 Server
9.12
Configuring Logout Settings
9.12.1
Settings to Initiate Logout from OpenSSO Enterprise 8.0 Server
9.12.2
Settings to Initiate Logout from Access Manager 11.1.2.2.0 Server
9.13
Verifying the Configuration
10
Coexistence of Sun Java System Access Manager 7.1 with Oracle Access Management Access Manager 11.1.2.2.0
10.1
Coexistence Overview
10.2
Coexistence Topology
10.3
Task Roadmap
10.4
Prerequisites for Coexistence
10.5
Protecting Access Manager 11
g
Server's End Point URL by Agent-2
10.5.1
Creating the Profile of Agent-2 for Access Manager on Sun Java System Access Manager 7.1 Server
10.5.2
Installing Agent-2 (Policy Agent 2.2)
10.5.3
Updating Web Applications to Include Agent Filter Configurations
10.5.4
Creating Policy on Sun Java System Access Manager 7.1 Server for Access Manager
10.6
Configuring Data Source for Access Manager 11.1.2.2.0
10.7
Updating LDAPNoPasswordAuthModule in Access Manager 11
g
10.8
Creating the Profile of Agent-1 in Access Manager 11.1.2.2.0
10.9
Creating an Authentication Policy in Access Manager 11.1.2.2.0 to Protect Resource-1
10.10
Modifying the OpenSSO Cookie Name in Access Manager 11.1.2.2.0
10.11
Updating the Profile of Agent-2 in Sun Java System Access Manager 7.1 Server
10.12
Configuring Logout Settings
10.12.1
Settings to Initiate Logout from Sun Java System Access Manager 7.1 Server
10.12.2
Settings to Initiate Logout from Access Manager 11
g
Server
10.13
Verifying the Configuration
A
Common Migration Tasks
A.1
Stopping the Servers
A.1.1
Stopping the Managed Server(s)
A.1.2
Stopping the WebLogic Administration Server
A.2
Starting the Servers
A.2.1
Starting the WebLogic Administration Server
A.2.2
Starting the Managed Server(s)
Scripting on this page enhances content navigation, but does not change the content in any way.