This chapter explains how to configure Oracle Identity Navigator. It includes the following topics:
Installation and Configuration Roadmap for Oracle Identity Navigator
Configuring Oracle Identity Navigator in a New WebLogic Domain
Getting Started with Oracle Identity Navigator After Installation
Before you start installing and configuring Oracle Identity and Access Management products in any of the scenarios discussed in this guide, note that IAM_HOME is used to refer to the Oracle Home directory that includes Oracle Identity Manager, Oracle Access Management, Oracle Adaptive Access Manager, Oracle Entitlements Server, Oracle Identity Navigator, Oracle Privileged Account Manager, and Oracle Access Management Mobile and Social. You can specify any name for this Oracle Home directory.
Table 4-1 lists the tasks for installing and configuring Oracle Identity Navigator.
Table 4-1 Installation and Configuration Flow for Oracle Identity Navigator
| No. | Task | Description |
|---|---|---|
|
1 |
Review installation concepts in the Installation Planning Guide. |
Read the Oracle Fusion Middleware Installation Planning Guide, which describes the process for various users to install or upgrade to Oracle Fusion Middleware 11g (11.1.2) depending on the user's existing environment. |
|
2 |
Review the system requirements and certification documents to ensure that your environment meets the minimum installation requirements for the components you are installing. |
For more information, see Section 2.1, "Reviewing System Requirements and Certification". |
|
3 |
Obtain the Oracle Fusion Middleware Software. |
For more information, see Section 3.2.1, "Obtaining the Oracle Fusion Middleware Software" |
|
4 |
Review the Database requirements. |
For more information, see Section 3.2.2, "Database Requirements". |
|
5 |
Run Oracle Fusion Middleware Repository Creation Utility (RCU) to create and load the appropriate schemas for Oracle Identity and Access Management products. |
For more information, see Section 3.2.3, "Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU)". |
|
6 |
Review WebLogic Server and Middleware Home requirements. |
For more information, see Section 3.2.4, "WebLogic Server and Middleware Home Requirements". |
|
7 |
Start the Oracle Identity and Access Management Installer. |
For more information, see Section 3.2.6, "Starting the Oracle Identity and Access Management Installer". |
|
8 |
Install the Oracle Identity and Access Management 11g software. |
Oracle Identity Navigator is included in the Oracle Identity and Access Management Suite. You can use the Oracle Identity and Access Management 11g Installer to install Oracle Identity and Access Management Suite. For more information, see Section 3.2.7, "Installing Oracle Identity and Access Management 11g Release 2 (11.1.2.2.0)". |
|
9 |
Run the Oracle Fusion Middleware Configuration Wizard to configure your Oracle Identity and Access Management products in a new or existing WebLogic domain. |
For more information, see Section 4.3, "Configuring Oracle Identity Navigator in a New WebLogic Domain". |
|
10 |
Configure the Database Security Store. |
For more information, see Section 3.2.10, "Configuring Database Security Store for an Oracle Identity and Access Management Domain". |
|
11 |
Start the servers. |
You must start the WebLogic Administration Server. For more information, see Section 4.4, "Starting the Servers". |
|
12 |
Complete the post-installation tasks. |
Complete the following post-installation tasks: |
This topic describes how to configure only Oracle Identity Navigator in a new WebLogic administration domain. It includes the following sections:
Perform the configuration in this topic if you want to configure Oracle Identity Navigator with Oracle Identity Manager, Oracle Access Management, and Oracle Adaptive Access Manager in a new WebLogic domain and then run the Oracle Identity Navigator discovery feature. This feature populates links to the product consoles for Oracle Identity Manager, Oracle Access Management, and Oracle Adaptive Access Manager. You can then access those product consoles from within the Oracle Identity Navigator interface, without having to remember the individual console URLs.
Performing the configuration in this section deploys the Oracle Identity Navigator application on a new WebLogic domain.
The configuration in this section depends on the following:
Oracle WebLogic Server 11g Release 1 (10.3.6)
Installation of the Oracle Identity and Access Management 11g software
Database schemas for Oracle Identity Navigator. For more information, see Section 3.2.3, "Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU)"
Perform the following steps to configure only Oracle Identity Navigator in a new WebLogic domain:
Start the Oracle Fusion Middleware Configuration Wizard by running the <IAM_HOME>/common/bin/config.sh script (on UNIX), or <IAM_HOME>\common\bin\config.cmd (on Windows).
The Welcome screen of the Oracle Fusion Middleware Configuration Wizard appears.
Note:
IAM_HOME is used as an example here. You must run this script from your Oracle Identity and Access Management Home directory that contains Oracle Identity Manager, Oracle Access Management, Oracle Adaptive Access Manager, Oracle Entitlements Server, Oracle Identity Navigator, Oracle Privileged Account Manager, and Oracle Access Management Mobile and Social.
On the Welcome screen, select Create a new WebLogic domain, and click Next. The Select Domain Source screen appears.
On the Select Domain Source screen ensure that the Generate a domain configured automatically to support the following products: option is selected. Select Oracle Identity Navigator for Managed Server - 11.1.2.2.0 [IAM_Home], and click Next. The Specify Domain Name and Location screen appears.
Note:
When you select the Oracle Identity Navigator for Managed Server- 11.1.2.2.0 [IAM_Home] option, the following options are also selected, by default:
Oracle Platform Security Service 11.1.1.0 [IAM_Home]
Oracle JRF 11.1.1.0 [oracle_common]
Enter a name and a location for the domain to be created, and click Next. The Configure Administrator User Name and Password screen appears.
Configure a user name and a password for the administrator. The default user name is weblogic. Click Next.
The Configure Server Start Mode and JDK screen appears. Choose a JDK from the Available JDKs and select a WebLogic Domain Startup Mode. Click Next.
On the Configure JDBC Component Schema screen, select a component schema, such as the OPSS Schema that you want to modify.
You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, click Next. The Select Optional Configuration screen appears.
On the Select Optional Configuration screen, you can configure the following:
Administration Server
Managed Servers, Clusters and Machines
Deployments and Services
RDBMS Security Store
Select the desired options, and click Next.
Note:
The default managed server name where Oracle Identity Navigator is deployed is opam_server1.
Optional: Configure the following Administration Server parameters:
Name
Listen address
Listen port
SSL listen port
SSL enabled or disabled
Optional: Assign the Administration Server to a machine.
Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.
Optional: Configure RDBMS Security Store, as required.
On the Configuration Summary screen, you can view summaries of your configuration for deployments, application, and service. Review the domain configuration, and click Create to start creating the domain.
A new WebLogic domain to support Oracle Identity Navigator is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.
Note:
After configuring Oracle Identity Navigator in a new WebLogic administration domain, you must configure the Database Security Store. For more information, see Section 3.2.10, "Configuring Database Security Store for an Oracle Identity and Access Management Domain".
After installing and configuring Oracle Identity Navigator, you must start the Oracle WebLogic Administration Server and the Managed Server for Oracle Identity Navigator, as described in Appendix C, "Starting the Stack".
To verify the installation of Oracle Identity Navigator, complete the following steps:
Log in to the Administration Console for Oracle Identity Navigator using the following URL:
http://<managedserver-host>:<managedserver-nonsslport>/oinav/faces/idmNag.jspx
The Oracle Identity Navigator dashboard and the resource catalog are displayed.
Click the Customize link on the upper right corner of the screen to switch to the Edit mode.
Click the Add Content button on the page. A resource catalog pops up.
In the pop-up dialog, click the Open link for the folder IDM Product Launcher. The Launcher task flow pops up.
In the pop-up dialog, click the Add link. Verify that the Launcher portlet is added to the page content. Continue to add News task flows to the page, without closing the pop-up dialog. Click the up arrow at the upper left corner. The top folder layout is displayed again. Click the Open link for the folder News. The News and Announcements task flow pops up.
In the News and Announcements pop-up dialog, click the Add link. Verify that the Report portlet is added to the page content. Continue to add Reports task flows to the page, without closing the pop-up dialog. Click the up arrow at the upper left corner. The top folder layout is displayed again. Click the Open link for the folder My Reports. Click the Add link and the Close button (X). All the three workflows are added to the page content.
Change the default layout, if necessary, by clicking the Pencil icon located on the upper right area of the screen.
To exit the Edit mode, click the Close button.
If the task flows are properly added to the page content, the screen displays the task flow content.
Test the Product Registration functionality as follows:
Create, edit, or delete the product information by clicking the Administration tab.
To add a new product, click the Create image icon in the Product Registration section. The New Product Registration dialog pops up.
Enter the relevant information in this dialog, and the new product registration is updated accordingly. The new product registration data is updated on the Launcher portlet after you click the Dashboard tab.
Click the product link and ensure that a new browser window or tab opens with the registered product URL.
Test the News functionality as follows:
Click the refresh icon to update the RSS feed content.
Click the news item link to open the source of content in a new browser window or tab.
Test the Reports functionality as follows:
Add a report by clicking the Add icon. The Add Report dialog pops up.
In this dialog, select a report to add, and click the Add Report button. Verify that the report is added.
Run a report by clicking the report icon. The report opens in a new browser window or tab.
After installing Oracle Identity Navigator, refer to the "Using Identity Navigator" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Navigator.